e24930916c5f02021f6bddb71e8f03737d060c2efd4982a87c3ce8a8820db417

Analysis

max time kernel
142s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14/02/2024, 02:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9a928ca410426d647db5ede0c96075c2.dll
Size

30KB
MD5

9a928ca410426d647db5ede0c96075c2
SHA1

ebffe624c20ca0721090a0d6dc4c15506e1bf4ab
SHA256

e24930916c5f02021f6bddb71e8f03737d060c2efd4982a87c3ce8a8820db417
SHA512

9606f3b989c55465bd6c461c0dea418364658bb2c451a65bbc05130eb855869c6ac2c5731898ca87d07c04023fca808e01e0236ab969ccb2bf62fd2423cf9262
SSDEEP

384:FLnif+j6aidFJ2FPvgrJe103G+LnA249QE6TuXLHHocbbjb41gt2c6gh3KMwwLWy:FDAa67f2FXcc3Q8XLHXbbHUfw3KEaTf0

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2948 wrote to memory of 4008	2948	rundll32.exe	84
PID 2948 wrote to memory of 4008	2948	rundll32.exe	84
PID 2948 wrote to memory of 4008	2948	rundll32.exe	84
PID 4008 wrote to memory of 4704	4008	rundll32.exe	85
PID 4008 wrote to memory of 4704	4008	rundll32.exe	85
PID 4008 wrote to memory of 4704	4008	rundll32.exe	85
PID 4704 wrote to memory of 4940	4704	rundll32.exe	86
PID 4704 wrote to memory of 4940	4704	rundll32.exe	86
PID 4704 wrote to memory of 4940	4704	rundll32.exe	86
PID 4940 wrote to memory of 4556	4940	rundll32.exe	87
PID 4940 wrote to memory of 4556	4940	rundll32.exe	87
PID 4940 wrote to memory of 4556	4940	rundll32.exe	87
PID 4556 wrote to memory of 2096	4556	rundll32.exe	88
PID 4556 wrote to memory of 2096	4556	rundll32.exe	88
PID 4556 wrote to memory of 2096	4556	rundll32.exe	88
PID 2096 wrote to memory of 3524	2096	rundll32.exe	89
PID 2096 wrote to memory of 3524	2096	rundll32.exe	89
PID 2096 wrote to memory of 3524	2096	rundll32.exe	89
PID 3524 wrote to memory of 4356	3524	rundll32.exe	90
PID 3524 wrote to memory of 4356	3524	rundll32.exe	90
PID 3524 wrote to memory of 4356	3524	rundll32.exe	90
PID 4356 wrote to memory of 5076	4356	rundll32.exe	91
PID 4356 wrote to memory of 5076	4356	rundll32.exe	91
PID 4356 wrote to memory of 5076	4356	rundll32.exe	91
PID 5076 wrote to memory of 2740	5076	rundll32.exe	92
PID 5076 wrote to memory of 2740	5076	rundll32.exe	92
PID 5076 wrote to memory of 2740	5076	rundll32.exe	92
PID 2740 wrote to memory of 2680	2740	rundll32.exe	93
PID 2740 wrote to memory of 2680	2740	rundll32.exe	93
PID 2740 wrote to memory of 2680	2740	rundll32.exe	93
PID 2680 wrote to memory of 1828	2680	rundll32.exe	94
PID 2680 wrote to memory of 1828	2680	rundll32.exe	94
PID 2680 wrote to memory of 1828	2680	rundll32.exe	94
PID 1828 wrote to memory of 2724	1828	rundll32.exe	95
PID 1828 wrote to memory of 2724	1828	rundll32.exe	95
PID 1828 wrote to memory of 2724	1828	rundll32.exe	95
PID 2724 wrote to memory of 1044	2724	rundll32.exe	96
PID 2724 wrote to memory of 1044	2724	rundll32.exe	96
PID 2724 wrote to memory of 1044	2724	rundll32.exe	96
PID 1044 wrote to memory of 4648	1044	rundll32.exe	97
PID 1044 wrote to memory of 4648	1044	rundll32.exe	97
PID 1044 wrote to memory of 4648	1044	rundll32.exe	97
PID 4648 wrote to memory of 1156	4648	rundll32.exe	98
PID 4648 wrote to memory of 1156	4648	rundll32.exe	98
PID 4648 wrote to memory of 1156	4648	rundll32.exe	98
PID 1156 wrote to memory of 1940	1156	rundll32.exe	99
PID 1156 wrote to memory of 1940	1156	rundll32.exe	99
PID 1156 wrote to memory of 1940	1156	rundll32.exe	99
PID 1940 wrote to memory of 3408	1940	rundll32.exe	100
PID 1940 wrote to memory of 3408	1940	rundll32.exe	100
PID 1940 wrote to memory of 3408	1940	rundll32.exe	100
PID 3408 wrote to memory of 3984	3408	rundll32.exe	101
PID 3408 wrote to memory of 3984	3408	rundll32.exe	101
PID 3408 wrote to memory of 3984	3408	rundll32.exe	101
PID 3984 wrote to memory of 3152	3984	rundll32.exe	102
PID 3984 wrote to memory of 3152	3984	rundll32.exe	102
PID 3984 wrote to memory of 3152	3984	rundll32.exe	102
PID 3152 wrote to memory of 1056	3152	rundll32.exe	103
PID 3152 wrote to memory of 1056	3152	rundll32.exe	103
PID 3152 wrote to memory of 1056	3152	rundll32.exe	103
PID 1056 wrote to memory of 368	1056	rundll32.exe	104
PID 1056 wrote to memory of 368	1056	rundll32.exe	104
PID 1056 wrote to memory of 368	1056	rundll32.exe	104
PID 368 wrote to memory of 1756	368	rundll32.exe	105

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2948
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4008
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4704
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4940
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:4556
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:2096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:1828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:1940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:3408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:3152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:1056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        23⤵
        
        PID:1756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        24⤵
        
        PID:1976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        25⤵
        
        PID:4968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        26⤵
        
        PID:4376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        27⤵
        
        PID:464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        28⤵
        
        PID:3996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        29⤵
        
        PID:2472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        30⤵
        
        PID:2508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        31⤵
        
        PID:3008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        32⤵
        
        PID:4640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        33⤵
        
        PID:4644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        34⤵
        
        PID:1516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        35⤵
        
        PID:2076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        36⤵
        
        PID:3264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        37⤵
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        38⤵
        
        PID:3036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        39⤵
        
        PID:3040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        40⤵
        
        PID:2328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        41⤵
        
        PID:4024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        42⤵
        
        PID:2152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        43⤵
        
        PID:4624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        44⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        45⤵
        
        PID:4416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        46⤵
        
        PID:4956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        47⤵
        
        PID:4832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        48⤵
        
        PID:2132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        49⤵
        
        PID:4684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        50⤵
        
        PID:3356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        51⤵
        
        PID:2212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        52⤵
        
        PID:2556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        53⤵
        
        PID:976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        54⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        55⤵
        
        PID:1844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        56⤵
        
        PID:3656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        57⤵
        
        PID:1820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        58⤵
        
        PID:1584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        59⤵
        
        PID:3268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        60⤵
        
        PID:4676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        61⤵
        
        PID:1328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        62⤵
        
        PID:2536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        63⤵
        
        PID:3644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        64⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        65⤵
        
        PID:2300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        66⤵
        
        PID:5048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        67⤵
        
        PID:1696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        68⤵
        
        PID:4000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        69⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        70⤵
        
        PID:2772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        71⤵
        
        PID:5056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        72⤵
        
        PID:3992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        73⤵
        
        PID:1628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        74⤵
        
        PID:4768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        75⤵
        
        PID:2932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        76⤵
        
        PID:4104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        77⤵
        
        PID:2732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        78⤵
        
        PID:1868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        79⤵
        
        PID:3884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        80⤵
        
        PID:2816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        81⤵
        
        PID:4788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        82⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        83⤵
        
        PID:4840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        84⤵
        
        PID:2240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        85⤵
        
        PID:3388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        86⤵
        
        PID:4652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        87⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        88⤵
        
        PID:4636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        89⤵
        
        PID:3108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        90⤵
        
        PID:3828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        91⤵
        
        PID:1956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        92⤵
        
        PID:3104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        93⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        94⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        95⤵
        
        PID:1564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        96⤵
        
        PID:4156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        97⤵
        
        PID:2304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        98⤵
        
        PID:2852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        99⤵
        
        PID:556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        100⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        101⤵
        
        PID:3756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        102⤵
        
        PID:5096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        103⤵
        
        PID:64
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        104⤵
        
        PID:5084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        105⤵
        
        PID:400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        106⤵
        
        PID:4080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        107⤵
        
        PID:1140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        108⤵
        
        PID:1872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        109⤵
        
        PID:2856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        110⤵
        
        PID:4324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        111⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        112⤵
        
        PID:672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        113⤵
        
        PID:1600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        114⤵
        
        PID:3508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        115⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        116⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        117⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        118⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        119⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        120⤵
        
        PID:5204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        121⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        122⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        123⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        124⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        125⤵
        
        PID:5268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        126⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        127⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        128⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        129⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        130⤵
        
        PID:5332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        131⤵
        
        PID:5364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        132⤵
        
        PID:5380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        133⤵
        
        PID:5424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        134⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        135⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        136⤵
        
        PID:5504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        137⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        138⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        139⤵
        
        PID:5604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        140⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        141⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        142⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        143⤵
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        144⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        145⤵
        
        PID:5736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        146⤵
        
        PID:5756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        147⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        148⤵
        
        PID:5796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        149⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        150⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        151⤵
        
        PID:5840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        152⤵
        
        PID:5852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        153⤵
        
        PID:5884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        154⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        155⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        156⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        157⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        158⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        159⤵
        
        PID:5972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        160⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        161⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        162⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        163⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        164⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        165⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        166⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        167⤵
        
        PID:6092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        168⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        169⤵
        
        PID:6116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        170⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        171⤵
        
        PID:6140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        172⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        173⤵
        
        PID:2592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        174⤵
        
        PID:2112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        175⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        176⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        177⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        178⤵
        
        PID:6192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        179⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        180⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        181⤵
        
        PID:6232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        182⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        183⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        184⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        185⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        186⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        187⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        188⤵
        
        PID:6348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        189⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        190⤵
        
        PID:6408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        191⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        192⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        193⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        194⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        195⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        196⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        197⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        198⤵
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        199⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        200⤵
        
        PID:6560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        201⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        202⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        203⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        204⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        205⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        206⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        207⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        208⤵
        
        PID:6668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        209⤵
        
        PID:6684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        210⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        211⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        212⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        213⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        214⤵
        
        PID:6764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        215⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        216⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        217⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        218⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        219⤵
        
        PID:6832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        220⤵
        
        PID:6848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        221⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        222⤵
        
        PID:6876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        223⤵
        
        PID:6888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        224⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        225⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        226⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        227⤵
        
        PID:6936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        228⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        229⤵
        
        PID:6964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        230⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        231⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        232⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        233⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        234⤵
        
        PID:7036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        235⤵
        
        PID:7052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        236⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        237⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        238⤵
        
        PID:7096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        239⤵
        
        PID:7112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        240⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        241⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        242⤵
        
        PID:7164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        243⤵
        
        PID:3176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        244⤵
        
        PID:5032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        245⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        246⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        247⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        248⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        249⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        250⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        251⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        252⤵
        
        PID:7348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        253⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        254⤵
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        255⤵
        
        PID:7400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        256⤵
        
        PID:7412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        257⤵
        
        PID:7428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        258⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        259⤵
        
        PID:7460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        260⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        261⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        262⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        263⤵
        
        PID:7524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        264⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        265⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        266⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        267⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        268⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        269⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        270⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        271⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        272⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        273⤵
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        274⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        275⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        276⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        277⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        278⤵
        
        PID:7748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        279⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        280⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        281⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        282⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        283⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        284⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        285⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        286⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        287⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        288⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        289⤵
        
        PID:7900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        290⤵
        
        PID:7916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        291⤵
        
        PID:7932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        292⤵
        
        PID:7944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        293⤵
        
        PID:7956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        294⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        295⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        296⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        297⤵
        
        PID:8012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        298⤵
        
        PID:8028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        299⤵
        
        PID:8048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        300⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        301⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        302⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        303⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        304⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        305⤵
        
        PID:8168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        306⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        307⤵
        
        PID:3972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        308⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        309⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        310⤵
        
        PID:8204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        311⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        312⤵
        
        PID:8232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        313⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        314⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        315⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        316⤵
        
        PID:8300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        317⤵
        
        PID:8312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        318⤵
        
        PID:8328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        319⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        320⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        321⤵
        
        PID:8376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        322⤵
        
        PID:8388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        323⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        324⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        325⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        326⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        327⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        328⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        329⤵
        
        PID:8488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        330⤵
        
        PID:8500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        331⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        332⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        333⤵
        
        PID:8544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        334⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        335⤵
        
        PID:8572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        336⤵
        
        PID:8588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        337⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        338⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        339⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        340⤵
        
        PID:8640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        341⤵
        
        PID:8656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        342⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        343⤵
        
        PID:8688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        344⤵
        
        PID:8700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        345⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        346⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        347⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        348⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        349⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        350⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        351⤵
        
        PID:8796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        352⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        353⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        354⤵
        
        PID:8840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        355⤵
        
        PID:8852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        356⤵
        
        PID:8864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        357⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        358⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        359⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        360⤵
        
        PID:8924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        361⤵
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        362⤵
        
        PID:8952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        363⤵
        
        PID:8964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        364⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        365⤵
        
        PID:8988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        366⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        367⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        368⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        369⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        370⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        371⤵
        
        PID:9080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        372⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        373⤵
        
        PID:9112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        374⤵
        
        PID:9124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        375⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        376⤵
        
        PID:9156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        377⤵
        
        PID:9172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        378⤵
        
        PID:9188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        379⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        380⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        381⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        382⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        383⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        384⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        385⤵
        
        PID:2232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        386⤵
        
        PID:8996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        387⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        388⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        389⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        390⤵
        
        PID:9268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        391⤵
        
        PID:9280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        392⤵
        
        PID:9296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        393⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        394⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        395⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        396⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        397⤵
        
        PID:9364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        398⤵
        
        PID:9380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        399⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        400⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        401⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        402⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        403⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        404⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        405⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        406⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        407⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        408⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        409⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        410⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        411⤵
        
        PID:9564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        412⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        413⤵
        
        PID:9592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        414⤵
        
        PID:9608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        415⤵
        
        PID:9620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        416⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        417⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        418⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        419⤵
        
        PID:9668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        420⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        421⤵
        
        PID:9700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        422⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        423⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        424⤵
        
        PID:9740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        425⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        426⤵
        
        PID:9772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        427⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        428⤵
        
        PID:9800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        429⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        430⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        431⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        432⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        433⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        434⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        435⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        436⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        437⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        438⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        439⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        440⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        441⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        442⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        443⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        444⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        445⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        446⤵
        
        PID:10048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        447⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        448⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        449⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        450⤵
        
        PID:10104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        451⤵
        
        PID:10120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        452⤵
        
        PID:10132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        453⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        454⤵
        
        PID:10156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        455⤵
        
        PID:10172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        456⤵
        
        PID:10184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        457⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        458⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        459⤵
        
        PID:10220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        460⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        461⤵
        
        PID:9404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        462⤵
        
        PID:10244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        463⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        464⤵
        
        PID:10272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        465⤵
        
        PID:10284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        466⤵
        
        PID:10296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        467⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        468⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        469⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        470⤵
        
        PID:10348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        471⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        472⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        473⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        474⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        475⤵
        
        PID:10416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        476⤵
        
        PID:10428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        477⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        478⤵
        
        PID:10456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        479⤵
        
        PID:10472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        480⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        481⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        482⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        483⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        484⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        485⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        486⤵
        
        PID:10572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        487⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        488⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        489⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        490⤵
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        491⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        492⤵
        
        PID:10660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        493⤵
        
        PID:10676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        494⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        495⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        496⤵
        
        PID:10712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        497⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        498⤵
        
        PID:10740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        499⤵
        
        PID:10752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        500⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        501⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        502⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        503⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        504⤵
        
        PID:10824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        505⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        506⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        507⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        508⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        509⤵
        
        PID:10896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        510⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        511⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        512⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        513⤵
        
        PID:10948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        514⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        515⤵
        
        PID:10972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        516⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        517⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        518⤵
        
        PID:11012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        519⤵
        
        PID:11024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        520⤵
        
        PID:11036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        521⤵
        
        PID:11048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        522⤵
        
        PID:11060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        523⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        524⤵
        
        PID:11088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        525⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        526⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        527⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        528⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        529⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        530⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        531⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        532⤵
        
        PID:11204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        533⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        534⤵
        
        PID:11228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        535⤵
        
        PID:11244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        536⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        537⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        538⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        539⤵
        
        PID:11312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        540⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        541⤵
        
        PID:11368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        542⤵
        
        PID:11384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        543⤵
        
        PID:11400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        544⤵
        
        PID:11416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        545⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        546⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        547⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        548⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        549⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        550⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        551⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        552⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        553⤵
        
        PID:11544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        554⤵
        
        PID:11568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        555⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        556⤵
        
        PID:11596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        557⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        558⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        559⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        560⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        561⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        562⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        563⤵
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        564⤵
        
        PID:11716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        565⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        566⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        567⤵
        
        PID:11760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        568⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        569⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        570⤵
        
        PID:11804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        571⤵
        
        PID:11816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        572⤵
        
        PID:11832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        573⤵
        
        PID:11844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        574⤵
        
        PID:11860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        575⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        576⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        577⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        578⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        579⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        580⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        581⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        582⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        583⤵
        
        PID:12000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        584⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        585⤵
        
        PID:12048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        586⤵
        
        PID:12064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        587⤵
        
        PID:12080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        588⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        589⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        590⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        591⤵
        
        PID:12144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        592⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        593⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        594⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        595⤵
        
        PID:12200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        596⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        597⤵
        
        PID:12224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        598⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        599⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        600⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        601⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        602⤵
        
        PID:808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        603⤵
        
        PID:3840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        604⤵
        
        PID:1512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        605⤵
        
        PID:516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        606⤵
        
        PID:4160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        607⤵
        
        PID:2292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        608⤵
        
        PID:1216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        609⤵
        
        PID:3648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        610⤵
        
        PID:3300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        611⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        612⤵
        
        PID:3144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        613⤵
        
        PID:4680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        614⤵
        
        PID:3400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        615⤵
        
        PID:5024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        616⤵
        
        PID:2504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        617⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        618⤵
        
        PID:4736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        619⤵
        
        PID:3012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        620⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        621⤵
        
        PID:4764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        622⤵
        
        PID:1648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        623⤵
        
        PID:12040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        624⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        625⤵
        
        PID:11276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        626⤵
        
        PID:4388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        627⤵
        
        PID:316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        628⤵
        
        PID:4208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        629⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        630⤵
        
        PID:3308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        631⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        632⤵
        
        PID:4064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        633⤵
        
        PID:4252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        634⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        635⤵
        
        PID:2136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        636⤵
        
        PID:756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        637⤵
        
        PID:2596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        638⤵
        
        PID:1924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        639⤵
        
        PID:4868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        640⤵
        
        PID:2344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        641⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        642⤵
        
        PID:5020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        643⤵
        
        PID:4800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        644⤵
        
        PID:3416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        645⤵
        
        PID:952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        646⤵
        
        PID:3720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        647⤵
        
        PID:4828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        648⤵
        
        PID:1364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        649⤵
        
        PID:312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        650⤵
        
        PID:1036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        651⤵
        
        PID:3872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        652⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        653⤵
        
        PID:1596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        654⤵
        
        PID:1144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        655⤵
        
        PID:12300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        656⤵
        
        PID:12312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        657⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        658⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        659⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        660⤵
        
        PID:12368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        661⤵
        
        PID:12384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        662⤵
        
        PID:12400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        663⤵
        
        PID:12412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        664⤵
        
        PID:12428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        665⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        666⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        667⤵
        
        PID:12476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        668⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        669⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        670⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        671⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        672⤵
        
        PID:12552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        673⤵
        
        PID:12564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        674⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        675⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        676⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        677⤵
        
        PID:12612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        678⤵
        
        PID:12624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        679⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        680⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        681⤵
        
        PID:12668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        682⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        683⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        684⤵
        
        PID:12708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        685⤵
        
        PID:12720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        686⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        687⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        688⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        689⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        690⤵
        
        PID:12792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        691⤵
        
        PID:12804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        692⤵
        
        PID:12820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        693⤵
        
        PID:12832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        694⤵
        
        PID:12848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        695⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        696⤵
        
        PID:12872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        697⤵
        
        PID:12884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        698⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        699⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        700⤵
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        701⤵
        
        PID:12944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        702⤵
        
        PID:12960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        703⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        704⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        705⤵
        
        PID:12996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        706⤵
        
        PID:13008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        707⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        708⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        709⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        710⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        711⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        712⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        713⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        714⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        715⤵
        
        PID:13136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        716⤵
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        717⤵
        
        PID:13160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        718⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        719⤵
        
        PID:13188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        720⤵
        
        PID:13200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        721⤵
        
        PID:13216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        722⤵
        
        PID:13228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        723⤵
        
        PID:13244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        724⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        725⤵
        
        PID:13272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        726⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        727⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        728⤵
        
        PID:2272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        729⤵
        
        PID:880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        730⤵
        
        PID:3576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        731⤵
        
        PID:4812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        732⤵
        
        PID:4312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        733⤵
        
        PID:3528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        734⤵
        
        PID:3632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        735⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        736⤵
        
        PID:5188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        737⤵
        
        PID:2056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        738⤵
        
        PID:5252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        739⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        740⤵
        
        PID:5328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        741⤵
        
        PID:5388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        742⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        743⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        744⤵
        
        PID:5516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        745⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        746⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        747⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        748⤵
        
        PID:5708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        749⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        750⤵
        
        PID:5820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        751⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        752⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        753⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        754⤵
        
        PID:5956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        755⤵
        
        PID:5996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        756⤵
        
        PID:6012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        757⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        758⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        759⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        760⤵
        
        PID:2888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        761⤵
        
        PID:4848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        762⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        763⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        764⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        765⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        766⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        767⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        768⤵
        
        PID:6372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        769⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        770⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        771⤵
        
        PID:6480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        772⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        773⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        774⤵
        
        PID:4372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        775⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        776⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        777⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        778⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        779⤵
        
        PID:6740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        780⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        781⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        782⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        783⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        784⤵
        
        PID:6908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        785⤵
        
        PID:6956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        786⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        787⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        788⤵
        
        PID:7044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        789⤵
        
        PID:7076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        790⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        791⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        792⤵
        
        PID:13336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        793⤵
        
        PID:13348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        794⤵
        
        PID:13368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        795⤵
        
        PID:13380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        796⤵
        
        PID:13396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        797⤵
        
        PID:13412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        798⤵
        
        PID:13424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        799⤵
        
        PID:13440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        800⤵
        
        PID:13456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        801⤵
        
        PID:13472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        802⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        803⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        804⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        805⤵
        
        PID:13528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        806⤵
        
        PID:13540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        807⤵
        
        PID:13552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        808⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        809⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        810⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        811⤵
        
        PID:13604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        812⤵
        
        PID:13620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        813⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        814⤵
        
        PID:13648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        815⤵
        
        PID:13660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        816⤵
        
        PID:13676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        817⤵
        
        PID:13692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        818⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        819⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        820⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        821⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        822⤵
        
        PID:13756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        823⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        824⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        825⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        826⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        827⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        828⤵
        
        PID:13852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        829⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        830⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        831⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        832⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        833⤵
        
        PID:13920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        834⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        835⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        836⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        837⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        838⤵
        
        PID:13988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        839⤵
        
        PID:14000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        840⤵
        
        PID:14016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        841⤵
        
        PID:14032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        842⤵
        
        PID:14048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        843⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        844⤵
        
        PID:14080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        845⤵
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        846⤵
        
        PID:14112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        847⤵
        
        PID:14128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        848⤵
        
        PID:14140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        849⤵
        
        PID:14152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        850⤵
        
        PID:14168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        851⤵
        
        PID:14184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        852⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        853⤵
        
        PID:14208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        854⤵
        
        PID:14220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        855⤵
        
        PID:14232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        856⤵
        
        PID:14248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        857⤵
        
        PID:14264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        858⤵
        
        PID:14276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        859⤵
        
        PID:14288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        860⤵
        
        PID:14304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        861⤵
        
        PID:14320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        862⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        863⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        864⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        865⤵
        
        PID:7240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        866⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        867⤵
        
        PID:7332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        868⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        869⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        870⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        871⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        872⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        873⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        874⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        875⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        876⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        877⤵
        
        PID:7608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        878⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        879⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        880⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        881⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        882⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        883⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        884⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        885⤵
        
        PID:7868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        886⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        887⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        888⤵
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        889⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        890⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        891⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        892⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        893⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        894⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        895⤵
        
        PID:3556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        896⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        897⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        898⤵
        
        PID:8256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        899⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        900⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        901⤵
        
        PID:8372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        902⤵
        
        PID:8408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        903⤵
        
        PID:8436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        904⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        905⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        906⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        907⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\9a928ca410426d647db5ede0c96075c2.dll,#1
        908⤵
        
        PID:8608

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads