ec53014e4c07088fd84a20e0944250cd5a84f558c7a129d6ff73ae908431ce74

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
21-04-2024 15:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll
Size

8KB
MD5

ff938474cb2c9e3727d1a2ae4281ef12
SHA1

407b7a915ce75453f9234979c4d91aacd1b5fa92
SHA256

ec53014e4c07088fd84a20e0944250cd5a84f558c7a129d6ff73ae908431ce74
SHA512

0ed6ae09d428ba5f5dc7de7fc36ea18ea5166b1ebc547ab49ac2e1a6bf9c9defbc73a0d295bd8f830a4f556fac02be2e230d51d08b6c82885189198798d491d3
SSDEEP

192:ilGqrwY9XK9KeNJoHjCNQcdFW6CAVMDtfdwFuTHVGL:ilJ94JoDkJW6C3Nd+uTVGL

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1588 wrote to memory of 2532	1588	rundll32.exe	92
PID 1588 wrote to memory of 2532	1588	rundll32.exe	92
PID 1588 wrote to memory of 2532	1588	rundll32.exe	92
PID 2532 wrote to memory of 4984	2532	rundll32.exe	93
PID 2532 wrote to memory of 4984	2532	rundll32.exe	93
PID 2532 wrote to memory of 4984	2532	rundll32.exe	93
PID 4984 wrote to memory of 4916	4984	rundll32.exe	94
PID 4984 wrote to memory of 4916	4984	rundll32.exe	94
PID 4984 wrote to memory of 4916	4984	rundll32.exe	94
PID 4916 wrote to memory of 3048	4916	rundll32.exe	95
PID 4916 wrote to memory of 3048	4916	rundll32.exe	95
PID 4916 wrote to memory of 3048	4916	rundll32.exe	95
PID 3048 wrote to memory of 2332	3048	rundll32.exe	96
PID 3048 wrote to memory of 2332	3048	rundll32.exe	96
PID 3048 wrote to memory of 2332	3048	rundll32.exe	96
PID 2332 wrote to memory of 2840	2332	rundll32.exe	97
PID 2332 wrote to memory of 2840	2332	rundll32.exe	97
PID 2332 wrote to memory of 2840	2332	rundll32.exe	97
PID 2840 wrote to memory of 1376	2840	rundll32.exe	98
PID 2840 wrote to memory of 1376	2840	rundll32.exe	98
PID 2840 wrote to memory of 1376	2840	rundll32.exe	98
PID 1376 wrote to memory of 3556	1376	rundll32.exe	99
PID 1376 wrote to memory of 3556	1376	rundll32.exe	99
PID 1376 wrote to memory of 3556	1376	rundll32.exe	99
PID 3556 wrote to memory of 2256	3556	rundll32.exe	100
PID 3556 wrote to memory of 2256	3556	rundll32.exe	100
PID 3556 wrote to memory of 2256	3556	rundll32.exe	100
PID 2256 wrote to memory of 3808	2256	rundll32.exe	101
PID 2256 wrote to memory of 3808	2256	rundll32.exe	101
PID 2256 wrote to memory of 3808	2256	rundll32.exe	101
PID 3808 wrote to memory of 2600	3808	rundll32.exe	102
PID 3808 wrote to memory of 2600	3808	rundll32.exe	102
PID 3808 wrote to memory of 2600	3808	rundll32.exe	102
PID 2600 wrote to memory of 1880	2600	rundll32.exe	103
PID 2600 wrote to memory of 1880	2600	rundll32.exe	103
PID 2600 wrote to memory of 1880	2600	rundll32.exe	103
PID 1880 wrote to memory of 1480	1880	rundll32.exe	104
PID 1880 wrote to memory of 1480	1880	rundll32.exe	104
PID 1880 wrote to memory of 1480	1880	rundll32.exe	104
PID 1480 wrote to memory of 3748	1480	rundll32.exe	105
PID 1480 wrote to memory of 3748	1480	rundll32.exe	105
PID 1480 wrote to memory of 3748	1480	rundll32.exe	105
PID 3748 wrote to memory of 2300	3748	rundll32.exe	106
PID 3748 wrote to memory of 2300	3748	rundll32.exe	106
PID 3748 wrote to memory of 2300	3748	rundll32.exe	106
PID 2300 wrote to memory of 1888	2300	rundll32.exe	107
PID 2300 wrote to memory of 1888	2300	rundll32.exe	107
PID 2300 wrote to memory of 1888	2300	rundll32.exe	107
PID 1888 wrote to memory of 208	1888	rundll32.exe	108
PID 1888 wrote to memory of 208	1888	rundll32.exe	108
PID 1888 wrote to memory of 208	1888	rundll32.exe	108
PID 208 wrote to memory of 556	208	rundll32.exe	109
PID 208 wrote to memory of 556	208	rundll32.exe	109
PID 208 wrote to memory of 556	208	rundll32.exe	109
PID 556 wrote to memory of 4696	556	rundll32.exe	110
PID 556 wrote to memory of 4696	556	rundll32.exe	110
PID 556 wrote to memory of 4696	556	rundll32.exe	110
PID 4696 wrote to memory of 912	4696	rundll32.exe	111
PID 4696 wrote to memory of 912	4696	rundll32.exe	111
PID 4696 wrote to memory of 912	4696	rundll32.exe	111
PID 912 wrote to memory of 432	912	rundll32.exe	112
PID 912 wrote to memory of 432	912	rundll32.exe	112
PID 912 wrote to memory of 432	912	rundll32.exe	112
PID 432 wrote to memory of 2800	432	rundll32.exe	113

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1588
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2532
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4984
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4916
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3048
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:2332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:2840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:1376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:3556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:2600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:1880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:2300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:1888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        23⤵
        
        PID:2800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        24⤵
        
        PID:2916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        25⤵
        
        PID:4928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        26⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        27⤵
        
        PID:936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        28⤵
        
        PID:4816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        29⤵
        
        PID:3320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        30⤵
        
        PID:1268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        31⤵
        
        PID:1688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        32⤵
        
        PID:2960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        33⤵
        
        PID:3500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        34⤵
        
        PID:640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        35⤵
        
        PID:4944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        36⤵
        
        PID:2672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        37⤵
        
        PID:776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        38⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        39⤵
        
        PID:1812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        40⤵
        
        PID:4664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        41⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        42⤵
        
        PID:4292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        43⤵
        
        PID:5012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        44⤵
        
        PID:1692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        45⤵
        
        PID:2084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        46⤵
        
        PID:4212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        47⤵
        
        PID:2692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        48⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        49⤵
        
        PID:2304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        50⤵
        
        PID:4224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        51⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        52⤵
        
        PID:3212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        53⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        54⤵
        
        PID:3836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        55⤵
        
        PID:536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        56⤵
        
        PID:2448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        57⤵
        
        PID:4988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        58⤵
        
        PID:1860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        59⤵
        
        PID:2088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        60⤵
        
        PID:4372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        61⤵
        
        PID:1696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        62⤵
        
        PID:3784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        63⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        64⤵
        
        PID:1592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        65⤵
        
        PID:4712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        66⤵
        
        PID:4328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        67⤵
        
        PID:2828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        68⤵
        
        PID:2280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        69⤵
        
        PID:3804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        70⤵
        
        PID:2936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        71⤵
        
        PID:1064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        72⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        73⤵
        
        PID:4528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        74⤵
        
        PID:4992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        75⤵
        
        PID:3308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        76⤵
        
        PID:3996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        77⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        78⤵
        
        PID:884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        79⤵
        
        PID:3008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        80⤵
        
        PID:3252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        81⤵
        
        PID:2756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        82⤵
        
        PID:4432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        83⤵
        
        PID:4600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        84⤵
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        85⤵
        
        PID:4156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        86⤵
        
        PID:1512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        87⤵
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        88⤵
        
        PID:3492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        89⤵
        
        PID:4640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        90⤵
        
        PID:3344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        91⤵
        
        PID:4872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        92⤵
        
        PID:2524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        93⤵
        
        PID:2272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        94⤵
        
        PID:2124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        95⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        96⤵
        
        PID:2072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        97⤵
        
        PID:2940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        98⤵
        
        PID:4376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        99⤵
        
        PID:4472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        100⤵
        
        PID:2248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        101⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        102⤵
        
        PID:5140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        103⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        104⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        105⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        106⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        107⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        108⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        109⤵
        
        PID:5236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        110⤵
        
        PID:5252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        111⤵
        
        PID:5272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        112⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        113⤵
        
        PID:5300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        114⤵
        
        PID:5316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        115⤵
        
        PID:5332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        116⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        117⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        118⤵
        
        PID:5388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        119⤵
        
        PID:5404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        120⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        121⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        122⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        123⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        124⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        125⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        126⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        127⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        128⤵
        
        PID:5532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        129⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        130⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        131⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        132⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        133⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        134⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        135⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        136⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        137⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        138⤵
        
        PID:5680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        139⤵
        
        PID:5696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        140⤵
        
        PID:5708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        141⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        142⤵
        
        PID:5736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        143⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        144⤵
        
        PID:5764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        145⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        146⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        147⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        148⤵
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        149⤵
        
        PID:5840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        150⤵
        
        PID:5852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        151⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        152⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        153⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        154⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        155⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        156⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        157⤵
        
        PID:5940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        158⤵
        
        PID:5952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        159⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        160⤵
        
        PID:5980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        161⤵
        
        PID:5996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        162⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        163⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        164⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        165⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        166⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        167⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        168⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        169⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        170⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        171⤵
        
        PID:1904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        172⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        173⤵
        
        PID:3976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        174⤵
        
        PID:2516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        175⤵
        
        PID:5044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        176⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        177⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        178⤵
        
        PID:6184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        179⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        180⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        181⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        182⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        183⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        184⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        185⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        186⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        187⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        188⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        189⤵
        
        PID:6336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        190⤵
        
        PID:6348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        191⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        192⤵
        
        PID:6372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        193⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        194⤵
        
        PID:6396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        195⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        196⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        197⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        198⤵
        
        PID:6448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        199⤵
        
        PID:6460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        200⤵
        
        PID:6480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        201⤵
        
        PID:6492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        202⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        203⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        204⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        205⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        206⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        207⤵
        
        PID:6568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        208⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        209⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        210⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        211⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        212⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        213⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        214⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        215⤵
        
        PID:6684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        216⤵
        
        PID:6696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        217⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        218⤵
        
        PID:6720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        219⤵
        
        PID:6736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        220⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        221⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        222⤵
        
        PID:6772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        223⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        224⤵
        
        PID:6800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        225⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        226⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        227⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        228⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        229⤵
        
        PID:6876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        230⤵
        
        PID:6892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        231⤵
        
        PID:6904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        232⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        233⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        234⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        235⤵
        
        PID:6964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        236⤵
        
        PID:6980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        237⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        238⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        239⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        240⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        241⤵
        
        PID:7052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        242⤵
        
        PID:7076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        243⤵
        
        PID:7092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        244⤵
        
        PID:7108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        245⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        246⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        247⤵
        
        PID:7148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        248⤵
        
        PID:7164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        249⤵
        
        PID:4408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        250⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        251⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        252⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        253⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        254⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        255⤵
        
        PID:7232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        256⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        257⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        258⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        259⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        260⤵
        
        PID:7304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        261⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        262⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        263⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        264⤵
        
        PID:7352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        265⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        266⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        267⤵
        
        PID:7392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        268⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        269⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        270⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        271⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        272⤵
        
        PID:7468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        273⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        274⤵
        
        PID:7504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        275⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        276⤵
        
        PID:7532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        277⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        278⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        279⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        280⤵
        
        PID:7588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        281⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        282⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        283⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        284⤵
        
        PID:7644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        285⤵
        
        PID:7656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        286⤵
        
        PID:7672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        287⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        288⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        289⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        290⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        291⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        292⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        293⤵
        
        PID:7764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        294⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        295⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        296⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        297⤵
        
        PID:7812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        298⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        299⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        300⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        301⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        302⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        303⤵
        
        PID:7900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        304⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        305⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        306⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        307⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        308⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        309⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        310⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        311⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        312⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        313⤵
        
        PID:8036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        314⤵
        
        PID:8048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        315⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        316⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        317⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        318⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        319⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        320⤵
        
        PID:8144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        321⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        322⤵
        
        PID:8172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        323⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        324⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        325⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        326⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        327⤵
        
        PID:8240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        328⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        329⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        330⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        331⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        332⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        333⤵
        
        PID:8404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        334⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        335⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        336⤵
        
        PID:8480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        337⤵
        
        PID:8544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        338⤵
        
        PID:8596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        339⤵
        
        PID:8624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        340⤵
        
        PID:8640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        341⤵
        
        PID:8660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        342⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        343⤵
        
        PID:8684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        344⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        345⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        346⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        347⤵
        
        PID:8760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        348⤵
        
        PID:8796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        349⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        350⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        351⤵
        
        PID:8864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        352⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        353⤵
        
        PID:8924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        354⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        355⤵
        
        PID:8952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        356⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        357⤵
        
        PID:8988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        358⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        359⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        360⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        361⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        362⤵
        
        PID:9080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        363⤵
        
        PID:9100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        364⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        365⤵
        
        PID:9144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        366⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        367⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        368⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        369⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        370⤵
        
        PID:5016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        371⤵
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        372⤵
        
        PID:4504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        373⤵
        
        PID:1884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        374⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        375⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        376⤵
        
        PID:9248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        377⤵
        
        PID:9260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        378⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        379⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        380⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        381⤵
        
        PID:9324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        382⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        383⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        384⤵
        
        PID:9364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        385⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        386⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        387⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        388⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        389⤵
        
        PID:9444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        390⤵
        
        PID:9460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        391⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        392⤵
        
        PID:9516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        393⤵
        
        PID:9532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        394⤵
        
        PID:9544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        395⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        396⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        397⤵
        
        PID:9580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        398⤵
        
        PID:9592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        399⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        400⤵
        
        PID:9620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        401⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        402⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        403⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        404⤵
        
        PID:9668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        405⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        406⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        407⤵
        
        PID:9708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        408⤵
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        409⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        410⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        411⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        412⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        413⤵
        
        PID:9788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        414⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        415⤵
        
        PID:9820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        416⤵
        
        PID:9832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        417⤵
        
        PID:9848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        418⤵
        
        PID:9860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        419⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        420⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        421⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        422⤵
        
        PID:9920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        423⤵
        
        PID:9932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        424⤵
        
        PID:9944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        425⤵
        
        PID:9956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        426⤵
        
        PID:9968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        427⤵
        
        PID:9984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        428⤵
        
        PID:10000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        429⤵
        
        PID:10016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        430⤵
        
        PID:10028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        431⤵
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        432⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        433⤵
        
        PID:10088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        434⤵
        
        PID:10120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        435⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        436⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        437⤵
        
        PID:10204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        438⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        439⤵
        
        PID:2588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        440⤵
        
        PID:4268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        441⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        442⤵
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        443⤵
        
        PID:4108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        444⤵
        
        PID:1356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        445⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        446⤵
        
        PID:3220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        447⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        448⤵
        
        PID:8788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        449⤵
        
        PID:2068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        450⤵
        
        PID:1948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        451⤵
        
        PID:1764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        452⤵
        
        PID:10244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        453⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        454⤵
        
        PID:10268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        455⤵
        
        PID:10284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        456⤵
        
        PID:10300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        457⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        458⤵
        
        PID:10328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        459⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        460⤵
        
        PID:10356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        461⤵
        
        PID:10372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        462⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        463⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        464⤵
        
        PID:10428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        465⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        466⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        467⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        468⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        469⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        470⤵
        
        PID:10508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        471⤵
        
        PID:10524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        472⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        473⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        474⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        475⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        476⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        477⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        478⤵
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        479⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        480⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        481⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        482⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        483⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        484⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        485⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        486⤵
        
        PID:10760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        487⤵
        
        PID:10772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        488⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        489⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        490⤵
        
        PID:10816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        491⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        492⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        493⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        494⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        495⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        496⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        497⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        498⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        499⤵
        
        PID:10948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        500⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        501⤵
        
        PID:10972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        502⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        503⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        504⤵
        
        PID:11008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        505⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        506⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        507⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        508⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        509⤵
        
        PID:11068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        510⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        511⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        512⤵
        
        PID:11104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        513⤵
        
        PID:11120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        514⤵
        
        PID:11136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        515⤵
        
        PID:11152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        516⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        517⤵
        
        PID:11180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        518⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        519⤵
        
        PID:11204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        520⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        521⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        522⤵
        
        PID:11244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        523⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        524⤵
        
        PID:2932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        525⤵
        
        PID:3140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        526⤵
        
        PID:1868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        527⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        528⤵
        
        PID:4736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        529⤵
        
        PID:4368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        530⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        531⤵
        
        PID:400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        532⤵
        
        PID:4020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        533⤵
        
        PID:4792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        534⤵
        
        PID:4908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        535⤵
        
        PID:2212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        536⤵
        
        PID:3564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        537⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        538⤵
        
        PID:3708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        539⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        540⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        541⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        542⤵
        
        PID:8356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        543⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        544⤵
        
        PID:2428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        545⤵
        
        PID:2540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        546⤵
        
        PID:2352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        547⤵
        
        PID:1644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        548⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        549⤵
        
        PID:4512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        550⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        551⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        552⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        553⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        554⤵
        
        PID:3672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        555⤵
        
        PID:5040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        556⤵
        
        PID:468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        557⤵
        
        PID:4956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        558⤵
        
        PID:1108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        559⤵
        
        PID:1532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        560⤵
        
        PID:64
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        561⤵
        
        PID:5148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        562⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        563⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        564⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        565⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        566⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        567⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        568⤵
        
        PID:5460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        569⤵
        
        PID:5500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        570⤵
        
        PID:5528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        571⤵
        
        PID:992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        572⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        573⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        574⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        575⤵
        
        PID:5636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        576⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        577⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        578⤵
        
        PID:5748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        579⤵
        
        PID:4800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        580⤵
        
        PID:5780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        581⤵
        
        PID:5812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        582⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        583⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        584⤵
        
        PID:5924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        585⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        586⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        587⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        588⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        589⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        590⤵
        
        PID:6120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        591⤵
        
        PID:4568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        592⤵
        
        PID:1152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        593⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        594⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        595⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        596⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        597⤵
        
        PID:8500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        598⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        599⤵
        
        PID:6380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        600⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        601⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        602⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        603⤵
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        604⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        605⤵
        
        PID:11296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        606⤵
        
        PID:11308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        607⤵
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        608⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        609⤵
        
        PID:11344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        610⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        611⤵
        
        PID:11372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        612⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        613⤵
        
        PID:11400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        614⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        615⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        616⤵
        
        PID:11448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        617⤵
        
        PID:11460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        618⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        619⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        620⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        621⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        622⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        623⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        624⤵
        
        PID:11544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        625⤵
        
        PID:11556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        626⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        627⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        628⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        629⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        630⤵
        
        PID:11644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        631⤵
        
        PID:11656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        632⤵
        
        PID:11672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        633⤵
        
        PID:11688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        634⤵
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        635⤵
        
        PID:11716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        636⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        637⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        638⤵
        
        PID:11752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        639⤵
        
        PID:11764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        640⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        641⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        642⤵
        
        PID:11804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        643⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        644⤵
        
        PID:11832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        645⤵
        
        PID:11844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        646⤵
        
        PID:11856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        647⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        648⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        649⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        650⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        651⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        652⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        653⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        654⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        655⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        656⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        657⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        658⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        659⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        660⤵
        
        PID:12056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        661⤵
        
        PID:12068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        662⤵
        
        PID:12084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        663⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        664⤵
        
        PID:12112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        665⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        666⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        667⤵
        
        PID:12148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        668⤵
        
        PID:12160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        669⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        670⤵
        
        PID:12184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        671⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        672⤵
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        673⤵
        
        PID:12232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        674⤵
        
        PID:12244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        675⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        676⤵
        
        PID:12272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        677⤵
        
        PID:12284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        678⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        679⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        680⤵
        
        PID:6640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        681⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        682⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        683⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        684⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        685⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        686⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        687⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        688⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        689⤵
        
        PID:6936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        690⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        691⤵
        
        PID:7036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        692⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        693⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        694⤵
        
        PID:7160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        695⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        696⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        697⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        698⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        699⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        700⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        701⤵
        
        PID:7400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        702⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        703⤵
        
        PID:7516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        704⤵
        
        PID:7568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        705⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        706⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        707⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        708⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        709⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        710⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        711⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        712⤵
        
        PID:7868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        713⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        714⤵
        
        PID:7960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        715⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        716⤵
        
        PID:12316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        717⤵
        
        PID:12328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        718⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        719⤵
        
        PID:12368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        720⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        721⤵
        
        PID:12396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        722⤵
        
        PID:12412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        723⤵
        
        PID:12424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        724⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        725⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        726⤵
        
        PID:12468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        727⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        728⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        729⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        730⤵
        
        PID:12524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        731⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        732⤵
        
        PID:12548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        733⤵
        
        PID:12564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        734⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        735⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        736⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        737⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        738⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        739⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        740⤵
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        741⤵
        
        PID:12668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        742⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        743⤵
        
        PID:12700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        744⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        745⤵
        
        PID:12724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        746⤵
        
        PID:12736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        747⤵
        
        PID:12752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        748⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        749⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        750⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        751⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        752⤵
        
        PID:12824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        753⤵
        
        PID:12836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        754⤵
        
        PID:12852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        755⤵
        
        PID:12864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        756⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        757⤵
        
        PID:12888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        758⤵
        
        PID:12904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        759⤵
        
        PID:12920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        760⤵
        
        PID:12936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        761⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        762⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        763⤵
        
        PID:12980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        764⤵
        
        PID:12992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        765⤵
        
        PID:13008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        766⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        767⤵
        
        PID:13032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        768⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        769⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        770⤵
        
        PID:13076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        771⤵
        
        PID:13092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        772⤵
        
        PID:13104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        773⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        774⤵
        
        PID:13128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        775⤵
        
        PID:13140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        776⤵
        
        PID:13152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        777⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        778⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        779⤵
        
        PID:13188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        780⤵
        
        PID:13200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        781⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        782⤵
        
        PID:13232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        783⤵
        
        PID:13244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        784⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        785⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        786⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        787⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        788⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        789⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        790⤵
        
        PID:12336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        791⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        792⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        793⤵
        
        PID:7608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        794⤵
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        795⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        796⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        797⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        798⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        799⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        800⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        801⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        802⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        803⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        804⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        805⤵
        
        PID:8612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        806⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        807⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        808⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        809⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        810⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        811⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        812⤵
        
        PID:1544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        813⤵
        
        PID:8916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        814⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        815⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        816⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        817⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        818⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        819⤵
        
        PID:9112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        820⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        821⤵
        
        PID:2172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        822⤵
        
        PID:3936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        823⤵
        
        PID:8704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        824⤵
        
        PID:9244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        825⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        826⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        827⤵
        
        PID:9376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        828⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        829⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        830⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        831⤵
        
        PID:9564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        832⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        833⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        834⤵
        
        PID:9680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        835⤵
        
        PID:2620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        836⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        837⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        838⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        839⤵
        
        PID:9868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        840⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        841⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        842⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        843⤵
        
        PID:9996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        844⤵
        
        PID:13320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        845⤵
        
        PID:13332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        846⤵
        
        PID:13344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        847⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        848⤵
        
        PID:13368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        849⤵
        
        PID:13380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        850⤵
        
        PID:13392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        851⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        852⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        853⤵
        
        PID:13432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        854⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        855⤵
        
        PID:13456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        856⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        857⤵
        
        PID:13480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        858⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        859⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        860⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        861⤵
        
        PID:13532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        862⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        863⤵
        
        PID:13556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        864⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        865⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        866⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        867⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        868⤵
        
        PID:13620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        869⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        870⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        871⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        872⤵
        
        PID:13668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        873⤵
        
        PID:13680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        874⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        875⤵
        
        PID:13712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        876⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ff938474cb2c9e3727d1a2ae4281ef12_JaffaCakes118.dll,#1
        877⤵
        
        PID:13744

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4068 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
1⤵
PID:5188

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads