78a28b25b330513649439305a5d9293cb07fb796ad6521ef31f39a5453a549d8

Resubmissions

07-09-2023 14:45

230907-r45fysaf5s 10

07-09-2023 14:12

230907-rjbyxaad5s 10

Analysis

max time kernel
43s
max time network
124s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
07-09-2023 14:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
Size

696KB
MD5

6c4afbb266c4c09ca6ec58a0d7716bf1
SHA1

9309c83062a2cd154776f1a2d4720be008404760
SHA256

9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b
SHA512

5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec
SSDEEP

12288:/Br2++HzRcCUNsvdtZhfMF6pI12KM2K/nrRlZmv9BSc:/Bz+NrU6vbE6nK+/+9BS

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 64 IoCs

pid	Process
2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1948	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1700	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
808	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
868	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1992	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2188	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1656	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
320	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
596	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2764	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2436	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1580	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1620	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2824	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1624	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1528	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1520	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2832	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
268	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
544	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2872	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2860	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2840	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2812	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2856	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2836	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2820	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
940	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
436	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1128	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2060	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1776	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1212	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2268	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1864	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2380	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1152	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1120	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2172	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2040	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2596	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2140	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
580	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
568	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1136	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1144	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1084	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
548	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2876	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Loads dropped DLL 64 IoCs

pid	Process
2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1948	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1948	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1700	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1700	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
808	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
808	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
868	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
868	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1992	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1992	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2188	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2188	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1656	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1656	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
320	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
320	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
596	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
596	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2764	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2764	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2436	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2436	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1580	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1580	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1620	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1620	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2824	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
2824	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1624	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1624	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1528	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1528	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Drops file in System32 directory 64 IoCs

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2052 wrote to memory of 2068	2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	28
PID 2052 wrote to memory of 2068	2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	28
PID 2052 wrote to memory of 2068	2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	28
PID 2052 wrote to memory of 2068	2052	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	28
PID 2068 wrote to memory of 2228	2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	29
PID 2068 wrote to memory of 2228	2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	29
PID 2068 wrote to memory of 2228	2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	29
PID 2068 wrote to memory of 2228	2068	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	29
PID 2228 wrote to memory of 2232	2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	30
PID 2228 wrote to memory of 2232	2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	30
PID 2228 wrote to memory of 2232	2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	30
PID 2228 wrote to memory of 2232	2228	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	30
PID 2232 wrote to memory of 2680	2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	31
PID 2232 wrote to memory of 2680	2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	31
PID 2232 wrote to memory of 2680	2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	31
PID 2232 wrote to memory of 2680	2232	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	31
PID 2680 wrote to memory of 1900	2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	32
PID 2680 wrote to memory of 1900	2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	32
PID 2680 wrote to memory of 1900	2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	32
PID 2680 wrote to memory of 1900	2680	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	32
PID 1900 wrote to memory of 2628	1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	33
PID 1900 wrote to memory of 2628	1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	33
PID 1900 wrote to memory of 2628	1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	33
PID 1900 wrote to memory of 2628	1900	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	33
PID 2628 wrote to memory of 2772	2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	34
PID 2628 wrote to memory of 2772	2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	34
PID 2628 wrote to memory of 2772	2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	34
PID 2628 wrote to memory of 2772	2628	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	34
PID 2772 wrote to memory of 2632	2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	35
PID 2772 wrote to memory of 2632	2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	35
PID 2772 wrote to memory of 2632	2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	35
PID 2772 wrote to memory of 2632	2772	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	35
PID 2632 wrote to memory of 2616	2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	36
PID 2632 wrote to memory of 2616	2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	36
PID 2632 wrote to memory of 2616	2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	36
PID 2632 wrote to memory of 2616	2632	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	36
PID 2616 wrote to memory of 2676	2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	37
PID 2616 wrote to memory of 2676	2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	37
PID 2616 wrote to memory of 2676	2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	37
PID 2616 wrote to memory of 2676	2616	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	37
PID 2676 wrote to memory of 2432	2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	38
PID 2676 wrote to memory of 2432	2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	38
PID 2676 wrote to memory of 2432	2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	38
PID 2676 wrote to memory of 2432	2676	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	38
PID 2432 wrote to memory of 2508	2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	39
PID 2432 wrote to memory of 2508	2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	39
PID 2432 wrote to memory of 2508	2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	39
PID 2432 wrote to memory of 2508	2432	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	39
PID 2508 wrote to memory of 2572	2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	40
PID 2508 wrote to memory of 2572	2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	40
PID 2508 wrote to memory of 2572	2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	40
PID 2508 wrote to memory of 2572	2508	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	40
PID 2572 wrote to memory of 2964	2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	41
PID 2572 wrote to memory of 2964	2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	41
PID 2572 wrote to memory of 2964	2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	41
PID 2572 wrote to memory of 2964	2572	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	41
PID 2964 wrote to memory of 2980	2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	42
PID 2964 wrote to memory of 2980	2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	42
PID 2964 wrote to memory of 2980	2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	42
PID 2964 wrote to memory of 2980	2964	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	42
PID 2980 wrote to memory of 1948	2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	43
PID 2980 wrote to memory of 1948	2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	43
PID 2980 wrote to memory of 1948	2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	43
PID 2980 wrote to memory of 1948	2980	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	43

C:\Users\Admin\AppData\Local\Temp\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
"C:\Users\Admin\AppData\Local\Temp\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2052
- C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
  C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:2068
- - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
    C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:2228
  - - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
      C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of WriteProcessMemory
      PID:2232
    - - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2680
      - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:1900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2628
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        8⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2772
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        9⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2632
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        10⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        11⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        12⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2432
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        13⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2508
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        14⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        15⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2964
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        16⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2980
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        17⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1948
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        18⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1700
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        19⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:808
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        20⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:868
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        21⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1992
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        22⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2188
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        23⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1656
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        24⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:320
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        25⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        26⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2764
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        27⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2436
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        28⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1580
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        29⤵
        Executes dropped EXE
        Loads dropped DLL
        Drops file in System32 directory
        
        PID:1620
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        30⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2824
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        31⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        32⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        33⤵
        Executes dropped EXE
        
        PID:1520
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        34⤵
        Executes dropped EXE
        
        PID:2832
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        35⤵
        Executes dropped EXE
        
        PID:268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        36⤵
        Executes dropped EXE
        
        PID:544
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        37⤵
        Executes dropped EXE
        
        PID:2872
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        38⤵
        Executes dropped EXE
        
        PID:2860
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        39⤵
        Executes dropped EXE
        
        PID:2840
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        40⤵
        Executes dropped EXE
        
        PID:2812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        41⤵
        Executes dropped EXE
        
        PID:2856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        42⤵
        Executes dropped EXE
        
        PID:2836
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        43⤵
        Executes dropped EXE
        
        PID:2820
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        44⤵
        Executes dropped EXE
        
        PID:940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        45⤵
        Executes dropped EXE
        
        PID:436
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        46⤵
        Executes dropped EXE
        
        PID:1128
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        47⤵
        Executes dropped EXE
        
        PID:2060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        48⤵
        Executes dropped EXE
        
        PID:1776
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        49⤵
        Executes dropped EXE
        
        PID:1212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        50⤵
        Executes dropped EXE
        
        PID:2268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        51⤵
        Executes dropped EXE
        
        PID:1864
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        52⤵
        Executes dropped EXE
        Drops file in System32 directory
        
        PID:2380
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        53⤵
        Executes dropped EXE
        
        PID:1152
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        54⤵
        Executes dropped EXE
        
        PID:1120
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        55⤵
        Executes dropped EXE
        
        PID:2172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        56⤵
        Executes dropped EXE
        Drops file in System32 directory
        
        PID:2040
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        57⤵
        Executes dropped EXE
        
        PID:2596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        58⤵
        Executes dropped EXE
        
        PID:2140
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        59⤵
        Executes dropped EXE
        
        PID:580
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        60⤵
        Executes dropped EXE
        
        PID:568
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        61⤵
        Executes dropped EXE
        
        PID:1136
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        62⤵
        Executes dropped EXE
        
        PID:1144
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        63⤵
        Executes dropped EXE
        
        PID:1084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        64⤵
        Executes dropped EXE
        
        PID:548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        65⤵
        Executes dropped EXE
        
        PID:2876
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        66⤵
        
        PID:1696
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        67⤵
        
        PID:1064
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        68⤵
        
        PID:2408
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        69⤵
        Drops file in System32 directory
        
        PID:984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        70⤵
        
        PID:1108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        71⤵
        
        PID:952
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        72⤵
        
        PID:788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        73⤵
        
        PID:2104
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        74⤵
        
        PID:2036
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        75⤵
        
        PID:2904
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        76⤵
        
        PID:2924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        77⤵
        Drops file in System32 directory
        
        PID:2916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        78⤵
        
        PID:2392
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        79⤵
        
        PID:1808
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        80⤵
        
        PID:2312
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        81⤵
        
        PID:2760
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        82⤵
        
        PID:1452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        83⤵
        
        PID:1596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        84⤵
        Drops file in System32 directory
        
        PID:1532
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        85⤵
        
        PID:1448
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        86⤵
        
        PID:1420
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        87⤵
        
        PID:1256
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        88⤵
        
        PID:1616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        89⤵
        
        PID:296
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        90⤵
        
        PID:944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        91⤵
        
        PID:2288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        92⤵
        
        PID:1812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        93⤵
        
        PID:3064
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        94⤵
        
        PID:1648
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        95⤵
        
        PID:1676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        96⤵
        
        PID:1800
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        97⤵
        
        PID:1660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        98⤵
        Drops file in System32 directory
        
        PID:996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        99⤵
        
        PID:636
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        100⤵
        
        PID:2352
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        101⤵
        
        PID:1940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        102⤵
        
        PID:1224
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        103⤵
        
        PID:1788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        104⤵
        
        PID:2088
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        105⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        106⤵
        
        PID:3004
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        107⤵
        
        PID:2928
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        108⤵
        
        PID:1724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        109⤵
        
        PID:2848
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        110⤵
        
        PID:1496
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        111⤵
        
        PID:304
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        112⤵
        
        PID:628
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        113⤵
        
        PID:988
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        114⤵
        
        PID:3024
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        115⤵
        
        PID:272
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        116⤵
        Drops file in System32 directory
        
        PID:3008
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        117⤵
        
        PID:2956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        118⤵
        
        PID:1684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        119⤵
        
        PID:2932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        120⤵
        
        PID:1688
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        121⤵
        
        PID:880
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        122⤵
        
        PID:1088
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        123⤵
        
        PID:1908
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        124⤵
        
        PID:1956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        125⤵
        
        PID:2028
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        126⤵
        
        PID:2360
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        127⤵
        
        PID:1892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        128⤵
        
        PID:1592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        129⤵
        
        PID:1720
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        130⤵
        
        PID:1608
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        131⤵
        Drops file in System32 directory
        
        PID:1708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        132⤵
        
        PID:1384
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        133⤵
        
        PID:2084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        134⤵
        Drops file in System32 directory
        
        PID:2092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        135⤵
        
        PID:1932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        136⤵
        
        PID:1356
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        137⤵
        
        PID:856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        138⤵
        
        PID:2200
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        139⤵
        
        PID:2212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        140⤵
        
        PID:2056
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        141⤵
        
        PID:2416
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        142⤵
        
        PID:2800
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        143⤵
        
        PID:2968
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        144⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        145⤵
        
        PID:3068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        146⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        147⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        148⤵
        
        PID:2724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        149⤵
        
        PID:2712
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        150⤵
        
        PID:2644
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        151⤵
        
        PID:2708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        152⤵
        
        PID:2624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        153⤵
        
        PID:2264
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        154⤵
        
        PID:1916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        155⤵
        
        PID:2804
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        156⤵
        
        PID:2464
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        157⤵
        Drops file in System32 directory
        
        PID:756
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        158⤵
        
        PID:1112
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        159⤵
        
        PID:2524
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        160⤵
        
        PID:2660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        161⤵
        
        PID:2844
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        162⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        163⤵
        
        PID:2692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        164⤵
        
        PID:2672
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        165⤵
        
        PID:2500
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        166⤵
        Drops file in System32 directory
        
        PID:2560
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        167⤵
        
        PID:2528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        168⤵
        
        PID:2788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        169⤵
        
        PID:2552
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        170⤵
        
        PID:2620
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        171⤵
        
        PID:1288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        172⤵
        
        PID:2564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        173⤵
        
        PID:2972
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        174⤵
        
        PID:2984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        175⤵
        
        PID:2556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        176⤵
        
        PID:1928
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        177⤵
        Drops file in System32 directory
        
        PID:2148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        178⤵
        
        PID:1944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        179⤵
        
        PID:2428
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        180⤵
        
        PID:1680
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        181⤵
        
        PID:892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        182⤵
        
        PID:540
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        183⤵
        
        PID:752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        184⤵
        
        PID:2448
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        185⤵
        
        PID:1904
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        186⤵
        
        PID:1172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        187⤵
        
        PID:364
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        188⤵
        
        PID:1100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        189⤵
        
        PID:2768
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        190⤵
        
        PID:1752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        191⤵
        
        PID:2016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        192⤵
        
        PID:1996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        193⤵
        
        PID:1912
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        194⤵
        
        PID:1380
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        195⤵
        
        PID:2396
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        196⤵
        
        PID:1716
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        197⤵
        
        PID:1148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        198⤵
        
        PID:2484
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        199⤵
        
        PID:1572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        200⤵
        
        PID:2548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        201⤵
        
        PID:592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        202⤵
        
        PID:584
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        203⤵
        
        PID:3076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        204⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        205⤵
        
        PID:3092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        206⤵
        
        PID:3100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        207⤵
        
        PID:3108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        208⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        209⤵
        
        PID:3124
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        210⤵
        
        PID:3132
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        211⤵
        
        PID:3140
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        212⤵
        
        PID:3148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        213⤵
        
        PID:3156
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        214⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        215⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        216⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        217⤵
        
        PID:3188
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        218⤵
        
        PID:3196
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        219⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        220⤵
        
        PID:3212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        221⤵
        
        PID:3220
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        222⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        223⤵
        
        PID:3236
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        224⤵
        
        PID:3244
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        225⤵
        Drops file in System32 directory
        
        PID:3252
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        226⤵
        Drops file in System32 directory
        
        PID:3260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        227⤵
        
        PID:3268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        228⤵
        
        PID:3276
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        229⤵
        
        PID:3284
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        230⤵
        
        PID:3292
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        231⤵
        
        PID:3300
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        232⤵
        
        PID:3308
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        233⤵
        
        PID:3316
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        234⤵
        
        PID:3324
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        235⤵
        
        PID:3332
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        236⤵
        
        PID:3340
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        237⤵
        Drops file in System32 directory
        
        PID:3348
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        238⤵
        
        PID:3356
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        239⤵
        
        PID:3364
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        240⤵
        
        PID:3372
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        241⤵
        
        PID:3380
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        242⤵
        
        PID:3388
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        243⤵
        
        PID:3396
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        244⤵
        
        PID:3404
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        245⤵
        
        PID:3412
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        246⤵
        
        PID:3420
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        247⤵
        
        PID:3428
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        248⤵
        
        PID:3436
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        249⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        250⤵
        
        PID:3452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        251⤵
        Drops file in System32 directory
        
        PID:3460
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        252⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        253⤵
        
        PID:3476
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        254⤵
        
        PID:3484
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        255⤵
        
        PID:3492
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        256⤵
        
        PID:3500
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        257⤵
        
        PID:3508
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        258⤵
        
        PID:3516
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        259⤵
        
        PID:3524
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        260⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        261⤵
        
        PID:3540
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        262⤵
        
        PID:3548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        263⤵
        
        PID:3556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        264⤵
        
        PID:3564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        265⤵
        
        PID:3572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        266⤵
        
        PID:3580
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        267⤵
        
        PID:3588
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        268⤵
        
        PID:3596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        269⤵
        
        PID:3604
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        270⤵
        
        PID:3612
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        271⤵
        
        PID:3620
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        272⤵
        
        PID:3628
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        273⤵
        
        PID:3636
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        274⤵
        
        PID:3644
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        275⤵
        Drops file in System32 directory
        
        PID:3652
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        276⤵
        
        PID:3660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        277⤵
        
        PID:3668
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        278⤵
        
        PID:3676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        279⤵
        
        PID:3684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        280⤵
        
        PID:3692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        281⤵
        
        PID:3700
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        282⤵
        
        PID:3708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        283⤵
        
        PID:3716
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        284⤵
        
        PID:3724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        285⤵
        
        PID:3732
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        286⤵
        
        PID:3740
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        287⤵
        
        PID:3748
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        288⤵
        
        PID:3756
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        289⤵
        Drops file in System32 directory
        
        PID:3764
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        290⤵
        Drops file in System32 directory
        
        PID:3772
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        291⤵
        
        PID:3780
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        292⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        293⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        294⤵
        
        PID:3804
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        295⤵
        
        PID:3812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        296⤵
        Drops file in System32 directory
        
        PID:3820
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        297⤵
        
        PID:3828
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        298⤵
        
        PID:3836
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        299⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        300⤵
        
        PID:3852
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        301⤵
        
        PID:3860
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        302⤵
        
        PID:3868
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        303⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        304⤵
        
        PID:3884
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        305⤵
        
        PID:3892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        306⤵
        
        PID:3900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        307⤵
        
        PID:3908
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        308⤵
        
        PID:3916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        309⤵
        
        PID:3924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        310⤵
        
        PID:3932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        311⤵
        
        PID:3940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        312⤵
        
        PID:3948
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        313⤵
        
        PID:3956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        314⤵
        
        PID:3964
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        315⤵
        
        PID:3972
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        316⤵
        
        PID:3980
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        317⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        318⤵
        
        PID:3996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        319⤵
        
        PID:4004
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        320⤵
        
        PID:4012
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        321⤵
        
        PID:4020
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        322⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        323⤵
        
        PID:4036
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        324⤵
        
        PID:4044
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        325⤵
        Drops file in System32 directory
        
        PID:4052
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        326⤵
        
        PID:4060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        327⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        328⤵
        
        PID:4076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        329⤵
        
        PID:4084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        330⤵
        
        PID:4092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        331⤵
        
        PID:4100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        332⤵
        
        PID:4108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        333⤵
        
        PID:4116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        334⤵
        Drops file in System32 directory
        
        PID:4124
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        335⤵
        
        PID:4132
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        336⤵
        
        PID:4140
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        337⤵
        
        PID:4148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        338⤵
        
        PID:4156
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        339⤵
        
        PID:4164
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        340⤵
        
        PID:4172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        341⤵
        
        PID:4180
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        342⤵
        
        PID:4188
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        343⤵
        
        PID:4196
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        344⤵
        Drops file in System32 directory
        
        PID:4204
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        345⤵
        
        PID:4212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        346⤵
        
        PID:4220
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        347⤵
        
        PID:4228
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        348⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        349⤵
        
        PID:4244
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        350⤵
        
        PID:4252
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        351⤵
        
        PID:4260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        352⤵
        
        PID:4268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        353⤵
        
        PID:4276
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        354⤵
        
        PID:4284
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        355⤵
        Drops file in System32 directory
        
        PID:4292
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        356⤵
        
        PID:4300
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        357⤵
        Drops file in System32 directory
        
        PID:4308
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        358⤵
        
        PID:4316
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        359⤵
        
        PID:4324
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        360⤵
        
        PID:4332
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        361⤵
        
        PID:4340
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        362⤵
        
        PID:4348
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        363⤵
        
        PID:4356
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        364⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        365⤵
        
        PID:4372
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        366⤵
        
        PID:4380
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        367⤵
        
        PID:4388
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        368⤵
        
        PID:4396
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        369⤵
        
        PID:4404
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        370⤵
        
        PID:4412
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        371⤵
        
        PID:4420
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        372⤵
        
        PID:4428
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        373⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        374⤵
        
        PID:4444
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        375⤵
        
        PID:4452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        376⤵
        
        PID:4460
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        377⤵
        
        PID:4468
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        378⤵
        
        PID:4476
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        379⤵
        
        PID:4484
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        380⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        381⤵
        
        PID:4500
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        382⤵
        
        PID:4508
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        383⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        384⤵
        
        PID:4524
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        385⤵
        
        PID:4532
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        386⤵
        
        PID:4540
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        387⤵
        
        PID:4548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        388⤵
        
        PID:4556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        389⤵
        
        PID:4564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        390⤵
        
        PID:4572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        391⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        392⤵
        
        PID:4588
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        393⤵
        
        PID:4596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        394⤵
        
        PID:4604
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        395⤵
        
        PID:4612
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        396⤵
        
        PID:4620
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        397⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        398⤵
        
        PID:4636
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        399⤵
        
        PID:4644
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        400⤵
        
        PID:4652
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        401⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        402⤵
        
        PID:4668
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        403⤵
        
        PID:4676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        404⤵
        
        PID:4684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        405⤵
        
        PID:4692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        406⤵
        
        PID:4700
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        407⤵
        
        PID:4708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        408⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        409⤵
        
        PID:4724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        410⤵
        
        PID:4732
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        411⤵
        
        PID:4740
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        412⤵
        Drops file in System32 directory
        
        PID:4748
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        413⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        414⤵
        
        PID:4764
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        415⤵
        Drops file in System32 directory
        
        PID:4772
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        416⤵
        
        PID:4780
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        417⤵
        
        PID:4788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        418⤵
        
        PID:4796
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        419⤵
        
        PID:4804
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        420⤵
        
        PID:4812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        421⤵
        
        PID:4820
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        422⤵
        
        PID:4828
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        423⤵
        
        PID:4836
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        424⤵
        
        PID:4844
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        425⤵
        
        PID:4852
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        426⤵
        
        PID:4860
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        427⤵
        Drops file in System32 directory
        
        PID:4868
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        428⤵
        
        PID:4876
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        429⤵
        
        PID:4884
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        430⤵
        
        PID:4892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        431⤵
        
        PID:4900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        432⤵
        
        PID:4908
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        433⤵
        
        PID:4916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        434⤵
        
        PID:4924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        435⤵
        
        PID:4932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        436⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        437⤵
        
        PID:4948
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        438⤵
        
        PID:4956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        439⤵
        
        PID:4964
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        440⤵
        
        PID:4972
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        441⤵
        
        PID:4980
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        442⤵
        
        PID:4988
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        443⤵
        
        PID:4996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        444⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        445⤵
        
        PID:5012
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        446⤵
        
        PID:5020
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        447⤵
        
        PID:5028
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        448⤵
        
        PID:5036
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        449⤵
        
        PID:5044
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        450⤵
        
        PID:5052
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        451⤵
        
        PID:5060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        452⤵
        
        PID:5068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        453⤵
        
        PID:5076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        454⤵
        
        PID:5084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        455⤵
        
        PID:5092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        456⤵
        
        PID:5100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        457⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        458⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        459⤵
        
        PID:5128
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        460⤵
        
        PID:5136
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        461⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        462⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        463⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        464⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        465⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        466⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        467⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        468⤵
        
        PID:5200
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        469⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        470⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        471⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        472⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        473⤵
        
        PID:5240
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        474⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        475⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        476⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        477⤵
        
        PID:5272
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        478⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        479⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        480⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        481⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        482⤵
        
        PID:5312
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        483⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        484⤵
        Drops file in System32 directory
        
        PID:5328
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        485⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        486⤵
        
        PID:5344
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        487⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        488⤵
        
        PID:5360
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        489⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        490⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        491⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        492⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        493⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        494⤵
        Drops file in System32 directory
        
        PID:5408
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        495⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        496⤵
        
        PID:5424
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        497⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        498⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        499⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        500⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        501⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        502⤵
        Drops file in System32 directory
        
        PID:5472
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        503⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        504⤵
        
        PID:5488
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        505⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        506⤵
        
        PID:5504
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        507⤵
        
        PID:5512
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        508⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        509⤵
        
        PID:5528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        510⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        511⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        512⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        513⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        514⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        515⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        516⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        517⤵
        
        PID:5592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        518⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        519⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        520⤵
        Drops file in System32 directory
        
        PID:5616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        521⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        522⤵
        
        PID:5632
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        523⤵
        Drops file in System32 directory
        
        PID:5640
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        524⤵
        Drops file in System32 directory
        
        PID:5648
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        525⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        526⤵
        
        PID:5664
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        527⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        528⤵
        
        PID:5680
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        529⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        530⤵
        
        PID:5696
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        531⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        532⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        533⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        534⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        535⤵
        
        PID:5736
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        536⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        537⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        538⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        539⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        540⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        541⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        542⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        543⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        544⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        545⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        546⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        547⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        548⤵
        Drops file in System32 directory
        
        PID:5840
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        549⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        550⤵
        
        PID:5856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        551⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        552⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        553⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        554⤵
        
        PID:5888
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        555⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        556⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        557⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        558⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        559⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        560⤵
        Drops file in System32 directory
        
        PID:5936
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        561⤵
        Drops file in System32 directory
        
        PID:5944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        562⤵
        
        PID:5952
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        563⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        564⤵
        
        PID:5968
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        565⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        566⤵
        
        PID:5984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        567⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        568⤵
        
        PID:6000
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        569⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        570⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        571⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        572⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        573⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        574⤵
        
        PID:6048
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        575⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        576⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        577⤵
        
        PID:6072
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        578⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        579⤵
        
        PID:6088
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        580⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        581⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        582⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        583⤵
        
        PID:6120
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        584⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        585⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        586⤵
        
        PID:1000
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        587⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        588⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        589⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        590⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        591⤵
        
        PID:6184
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        592⤵
        
        PID:6192
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        593⤵
        
        PID:6200
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        594⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        595⤵
        
        PID:6216
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        596⤵
        Drops file in System32 directory
        
        PID:6224
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        597⤵
        Drops file in System32 directory
        
        PID:6232
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        598⤵
        Drops file in System32 directory
        
        PID:6240
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        599⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        600⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        601⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        602⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        603⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        604⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        605⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        606⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        607⤵
        
        PID:6312
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        608⤵
        
        PID:6320
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        609⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        610⤵
        
        PID:6336
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        611⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        612⤵
        
        PID:6352
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        613⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        614⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        615⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        616⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        617⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        618⤵
        
        PID:6400
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        619⤵
        
        PID:6408
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        620⤵
        
        PID:6416
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        621⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        622⤵
        
        PID:6432
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        623⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        624⤵
        Drops file in System32 directory
        
        PID:6448
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        625⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        626⤵
        
        PID:6464
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        627⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        628⤵
        
        PID:6480
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        629⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        630⤵
        
        PID:6496
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        631⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        632⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        633⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        634⤵
        
        PID:6528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        635⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        636⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        637⤵
        
        PID:6552
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        638⤵
        
        PID:6560
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        639⤵
        Drops file in System32 directory
        
        PID:6568
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        640⤵
        
        PID:6576
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        641⤵
        
        PID:6584
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        642⤵
        
        PID:6592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        643⤵
        
        PID:6600
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        644⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        645⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        646⤵
        
        PID:6624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        647⤵
        
        PID:6636
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        648⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        649⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        650⤵
        
        PID:6664
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        651⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        652⤵
        
        PID:6684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        653⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        654⤵
        
        PID:6704
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        655⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        656⤵
        
        PID:6720
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        657⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        658⤵
        
        PID:6736
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        659⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        660⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        661⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        662⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        663⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        664⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        665⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        666⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        667⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        668⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        669⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        670⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        671⤵
        
        PID:6848
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        672⤵
        
        PID:6856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        673⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        674⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        675⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        676⤵
        
        PID:6892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        677⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        678⤵
        
        PID:6908
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        679⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        680⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        681⤵
        
        PID:6932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        682⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        683⤵
        
        PID:6952
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        684⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        685⤵
        
        PID:6968
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        686⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        687⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        688⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        689⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        690⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        691⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        692⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        693⤵
        Drops file in System32 directory
        
        PID:7040
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        694⤵
        
        PID:7052
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        695⤵
        
        PID:7060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        696⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        697⤵
        
        PID:7076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        698⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        699⤵
        Drops file in System32 directory
        
        PID:7092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        700⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        701⤵
        
        PID:7108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        702⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        703⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        704⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        705⤵
        
        PID:7144
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        706⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        707⤵
        
        PID:7160
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        708⤵
        Drops file in System32 directory
        
        PID:2240
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        709⤵
        
        PID:2164
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        710⤵
        
        PID:6672
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        711⤵
        
        PID:2228
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        712⤵
        
        PID:1924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        713⤵
        
        PID:6784
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        714⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        715⤵
        
        PID:1900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        716⤵
        
        PID:2648
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        717⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        718⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        719⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        720⤵
        
        PID:2892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        721⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        722⤵
        
        PID:2676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        723⤵
        
        PID:2612
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        724⤵
        
        PID:2512
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        725⤵
        
        PID:2680
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        726⤵
        
        PID:2572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        727⤵
        
        PID:2964
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        728⤵
        
        PID:2976
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        729⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        730⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        731⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        732⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        733⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        734⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        735⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        736⤵
        
        PID:7284
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        737⤵
        
        PID:7300
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        738⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        739⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        740⤵
        
        PID:7336

C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1⤵
PID:7356
- C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
  C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
  2⤵
  PID:7364
- - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
    C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
    3⤵
    PID:7372
  - - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
      C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
      4⤵
      PID:7380
    - - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        5⤵
        
        PID:7388
      - C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        6⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        7⤵
        
        PID:7404
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        8⤵
        
        PID:7412
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        9⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        10⤵
        
        PID:7428
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        11⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        12⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        13⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        14⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        15⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        16⤵
        
        PID:7480
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        17⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        18⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        19⤵
        
        PID:7504
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        20⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        21⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        22⤵
        
        PID:7532
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        23⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        24⤵
        Drops file in System32 directory
        
        PID:7548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        25⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        26⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        27⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        28⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        29⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        30⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        31⤵
        
        PID:7608
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        32⤵
        
        PID:7616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        33⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        34⤵
        
        PID:7632
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        35⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        36⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        37⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        38⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        39⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        40⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        41⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        42⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        43⤵
        
        PID:7708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        44⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        45⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        46⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        47⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        48⤵
        
        PID:7748
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        49⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        50⤵
        
        PID:7768
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        51⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        52⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        53⤵
        
        PID:808
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        54⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        55⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        56⤵
        
        PID:2468
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        57⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        58⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        59⤵
        
        PID:2872
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        60⤵
        
        PID:2144
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        61⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        62⤵
        
        PID:2840
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        63⤵
        
        PID:1668
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        64⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        65⤵
        
        PID:2820
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        66⤵
        
        PID:2012
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        67⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        68⤵
        
        PID:1528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        69⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        70⤵
        
        PID:2836
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        71⤵
        
        PID:320
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        72⤵
        
        PID:1636
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        73⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        74⤵
        
        PID:2812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        75⤵
        
        PID:7864
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        76⤵
        
        PID:2060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        77⤵
        
        PID:2444
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        78⤵
        
        PID:7884
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        79⤵
        
        PID:2268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        80⤵
        
        PID:1864
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        81⤵
        
        PID:472
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        82⤵
        
        PID:1508
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        83⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        84⤵
        
        PID:2856
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        85⤵
        
        PID:1096
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        86⤵
        
        PID:7880
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        87⤵
        
        PID:7868
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        88⤵
        
        PID:2992
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        89⤵
        
        PID:1632
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        90⤵
        
        PID:2832
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        91⤵
        
        PID:2440
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        92⤵
        
        PID:1128
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        93⤵
        
        PID:2172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        94⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        95⤵
        
        PID:568
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        96⤵
        
        PID:1500
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        97⤵
        
        PID:1084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        98⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        99⤵
        
        PID:772
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        100⤵
        
        PID:984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        101⤵
        
        PID:2408
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        102⤵
        
        PID:952
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        103⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        104⤵
        
        PID:2104
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        105⤵
        
        PID:2036
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        106⤵
        
        PID:8012
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        107⤵
        
        PID:2924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        108⤵
        
        PID:1692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        109⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        110⤵
        
        PID:2760
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        111⤵
        
        PID:992
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        112⤵
        
        PID:8028
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        113⤵
        
        PID:1452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        114⤵
        
        PID:8036
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        115⤵
        
        PID:1596
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        116⤵
        
        PID:1532
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        117⤵
        
        PID:1168
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        118⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        119⤵
        
        PID:1420
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        120⤵
        
        PID:1312
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        121⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        122⤵
        
        PID:1616
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        123⤵
        
        PID:1816
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        124⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        125⤵
        
        PID:296
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        126⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        127⤵
        
        PID:2288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        128⤵
        
        PID:1812
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        129⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        130⤵
        
        PID:1648
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        131⤵
        
        PID:3064
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        132⤵
        
        PID:896
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        133⤵
        
        PID:8084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        134⤵
        
        PID:1676
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        135⤵
        
        PID:1652
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        136⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        137⤵
        
        PID:996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        138⤵
        
        PID:612
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        139⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        140⤵
        
        PID:1224
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        141⤵
        
        PID:564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        142⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        143⤵
        
        PID:1788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        144⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        145⤵
        
        PID:2848
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        146⤵
        
        PID:2928
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        147⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        148⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        149⤵
        
        PID:2088
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        150⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        151⤵
        
        PID:1724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        152⤵
        
        PID:2888
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        153⤵
        
        PID:556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        154⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        155⤵
        
        PID:3024
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        156⤵
        
        PID:2944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        157⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        158⤵
        
        PID:304
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        159⤵
        
        PID:2116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        160⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        161⤵
        
        PID:3008
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        162⤵
        
        PID:2248
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        163⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        164⤵
        
        PID:1684
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        165⤵
        
        PID:8172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        166⤵
        
        PID:2956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        167⤵
        
        PID:2932
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        168⤵
        
        PID:2384
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        169⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        170⤵
        
        PID:1688
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        171⤵
        
        PID:3012
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        172⤵
        
        PID:8188
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        173⤵
        
        PID:1956
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        174⤵
        
        PID:1948
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        175⤵
        
        PID:880
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        176⤵
        
        PID:1608
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        177⤵
        
        PID:1908
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        178⤵
        
        PID:2900
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        179⤵
        
        PID:2588
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        180⤵
        
        PID:1720
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        181⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        182⤵
        
        PID:1592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        183⤵
        
        PID:1892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        184⤵
        
        PID:1976
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        185⤵
        
        PID:2208
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        186⤵
        
        PID:2452
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        187⤵
        
        PID:1332
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        188⤵
        
        PID:1488
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        189⤵
        
        PID:2224
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        190⤵
        
        PID:2076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        191⤵
        
        PID:2220
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        192⤵
        
        PID:2236
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        193⤵
        
        PID:2344
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        194⤵
        
        PID:924
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        195⤵
        
        PID:1896
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        196⤵
        
        PID:2080
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        197⤵
        
        PID:2320
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        198⤵
        
        PID:1072
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        199⤵
        
        PID:2204
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        200⤵
        
        PID:2580
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        201⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        202⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        203⤵
        
        PID:3068
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        204⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        205⤵
        
        PID:2644
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        206⤵
        
        PID:2724
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        207⤵
        
        PID:2712
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        208⤵
        
        PID:1916
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        209⤵
        
        PID:2624
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        210⤵
        
        PID:2708
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        211⤵
        
        PID:2264
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        212⤵
        
        PID:2804
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        213⤵
        
        PID:2660
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        214⤵
        
        PID:2844
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        215⤵
        
        PID:2464
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        216⤵
        
        PID:2524
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        217⤵
        
        PID:756
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        218⤵
        
        PID:2500
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        219⤵
        
        PID:2692
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        220⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        221⤵
        
        PID:1112
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        222⤵
        
        PID:2528
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        223⤵
        
        PID:2620
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        224⤵
        
        PID:2564
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        225⤵
        
        PID:2560
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        226⤵
        
        PID:2788
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        227⤵
        
        PID:2672
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        228⤵
        
        PID:2972
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        229⤵
        
        PID:2984
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        230⤵
        
        PID:2552
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        231⤵
        
        PID:1288
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        232⤵
        
        PID:2556
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        233⤵
        
        PID:1928
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        234⤵
        
        PID:2148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        235⤵
        
        PID:2428
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        236⤵
        
        PID:1680
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        237⤵
        
        PID:1944
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        238⤵
        
        PID:892
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        239⤵
        
        PID:752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        240⤵
        
        PID:540
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        241⤵
        
        PID:1904
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        242⤵
        
        PID:364
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        243⤵
        
        PID:1172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        244⤵
        
        PID:2448
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        245⤵
        
        PID:1100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        246⤵
        
        PID:2768
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        247⤵
        
        PID:2016
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        248⤵
        
        PID:1996
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        249⤵
        
        PID:1716
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        250⤵
        
        PID:1380
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        251⤵
        
        PID:1752
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        252⤵
        
        PID:1912
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        253⤵
        
        PID:2396
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        254⤵
        
        PID:1148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        255⤵
        
        PID:1572
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        256⤵
        
        PID:2484
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        257⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        258⤵
        
        PID:2548
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        259⤵
        
        PID:592
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        260⤵
        
        PID:3076
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        261⤵
        
        PID:584
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        262⤵
        
        PID:3100
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        263⤵
        
        PID:3092
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        264⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        265⤵
        
        PID:3108
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        266⤵
        
        PID:3124
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        267⤵
        
        PID:3132
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        268⤵
        
        PID:3148
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        269⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        270⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        271⤵
        
        PID:3140
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        272⤵
        
        PID:3156
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        273⤵
        
        PID:3188
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        274⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        275⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        276⤵
        
        PID:3196
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        277⤵
        
        PID:3212
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        278⤵
        
        PID:3284
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        279⤵
        
        PID:3236
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        280⤵
        
        PID:3268
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        281⤵
        
        PID:3220
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        282⤵
        
        PID:3260
        
        C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        
        C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
        283⤵
        
        PID:3244

C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
C:\Windows\system32\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
1⤵
PID:7348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Filesize
696KB

MD5
6c4afbb266c4c09ca6ec58a0d7716bf1

SHA1
9309c83062a2cd154776f1a2d4720be008404760

SHA256
9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b

SHA512
5117bcca2a9b98bb9863d98b0a037cb58c97a7614682735f794b7db2b0c30a122777cef5e1d577b8eaada094ba31b6c2edca0bdbf31597b4fd8704ff0be74bec

Download Submit
memory/808-114-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/808-118-0x0000000001F80000-0x000000000202E000-memory.dmp

Filesize
696KB

Download
memory/868-120-0x0000000002E20000-0x0000000002ECE000-memory.dmp

Filesize
696KB

Download
memory/868-119-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/1700-113-0x0000000002D90000-0x0000000002E3E000-memory.dmp

Filesize
696KB

Download
memory/1700-111-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/1900-37-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/1900-32-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/1948-107-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/1948-109-0x0000000001F30000-0x0000000001FDE000-memory.dmp

Filesize
696KB

Download
memory/1992-121-0x0000000002000000-0x00000000020AE000-memory.dmp

Filesize
696KB

Download
memory/2052-0-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2052-35-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2052-1-0x0000000000300000-0x0000000000301000-memory.dmp

Filesize
4KB

Download
memory/2052-55-0x0000000000300000-0x0000000000301000-memory.dmp

Filesize
4KB

Download
memory/2052-131-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2068-15-0x0000000002020000-0x00000000020CE000-memory.dmp

Filesize
696KB

Download
memory/2068-132-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2068-10-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2068-11-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2188-123-0x0000000002CA0000-0x0000000002D4E000-memory.dmp

Filesize
696KB

Download
memory/2188-122-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2228-19-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2228-21-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2232-22-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2232-23-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2432-81-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2432-127-0x00000000029F0000-0x0000000002A9E000-memory.dmp

Filesize
696KB

Download
memory/2432-126-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2432-84-0x00000000029F0000-0x0000000002A9E000-memory.dmp

Filesize
696KB

Download
memory/2508-87-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2508-128-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2508-88-0x0000000002CC0000-0x0000000002D6E000-memory.dmp

Filesize
696KB

Download
memory/2508-89-0x0000000002CC0000-0x0000000002D6E000-memory.dmp

Filesize
696KB

Download
memory/2572-93-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2572-90-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2572-95-0x0000000002CC0000-0x0000000002D6E000-memory.dmp

Filesize
696KB

Download
memory/2572-94-0x0000000002CC0000-0x0000000002D6E000-memory.dmp

Filesize
696KB

Download
memory/2616-67-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2616-124-0x0000000002D60000-0x0000000002E0E000-memory.dmp

Filesize
696KB

Download
memory/2616-73-0x0000000002D60000-0x0000000002E0E000-memory.dmp

Filesize
696KB

Download
memory/2628-60-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2628-52-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2632-49-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2632-50-0x00000000029D0000-0x0000000002A7E000-memory.dmp

Filesize
696KB

Download
memory/2632-64-0x0000000000320000-0x0000000000321000-memory.dmp

Filesize
4KB

Download
memory/2632-51-0x00000000029D0000-0x0000000002A7E000-memory.dmp

Filesize
696KB

Download
memory/2676-80-0x0000000002CE0000-0x0000000002D8E000-memory.dmp

Filesize
696KB

Download
memory/2676-79-0x0000000002CE0000-0x0000000002D8E000-memory.dmp

Filesize
696KB

Download
memory/2676-125-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2676-78-0x0000000000300000-0x0000000000301000-memory.dmp

Filesize
4KB

Download
memory/2680-29-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/2680-27-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2772-62-0x0000000001ED0000-0x0000000001F7E000-memory.dmp

Filesize
696KB

Download
memory/2772-44-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2772-61-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2772-47-0x0000000001ED0000-0x0000000001F7E000-memory.dmp

Filesize
696KB

Download
memory/2964-102-0x00000000020B0000-0x000000000215E000-memory.dmp

Filesize
696KB

Download
memory/2964-100-0x00000000020B0000-0x000000000215E000-memory.dmp

Filesize
696KB

Download
memory/2964-97-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2964-129-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2980-103-0x0000000000400000-0x00000000004AE000-memory.dmp

Filesize
696KB

Download
memory/2980-106-0x0000000002D40000-0x0000000002DEE000-memory.dmp

Filesize
696KB

Download
memory/2980-130-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download

description	ioc	Process
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	Process not Found
File created	C:\Windows\SysWOW64\9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe	9b7e5d2fdc7192256d81ce9e4d339dcdbfd453ad1059d3efd4a7d829f5d2608b.exe

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads