81e916619351ca1d16a7502ede072c205fcc61c0d526d4de746f5dbed4675390

Analysis

max time kernel
94s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
15/06/2024, 08:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll
Size

127KB
MD5

ad70cb29b2bb508192af5af6f7d8db79
SHA1

9a2d007befc2fa198084e3c6fc9eb2e7c2b5b4af
SHA256

81e916619351ca1d16a7502ede072c205fcc61c0d526d4de746f5dbed4675390
SHA512

9912cf01f6c4cd1ef6f8b453feeee82035680a4b378f4220f0fa2fa42bdcc9ab17c69f5874cf2364e88fbe55ef5545e56ac29d6ddea25fc7934c7ecf0558eb4e
SSDEEP

3072:PHP+UMJtOiIwToyzcauImLtGmLxl/pcWQjj72O5rNNJvuDfeCx:PHnyAhVejj71/NJuz

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4748 wrote to memory of 1428	4748	rundll32.exe	81
PID 4748 wrote to memory of 1428	4748	rundll32.exe	81
PID 4748 wrote to memory of 1428	4748	rundll32.exe	81
PID 1428 wrote to memory of 2484	1428	rundll32.exe	82
PID 1428 wrote to memory of 2484	1428	rundll32.exe	82
PID 1428 wrote to memory of 2484	1428	rundll32.exe	82
PID 2484 wrote to memory of 4900	2484	rundll32.exe	83
PID 2484 wrote to memory of 4900	2484	rundll32.exe	83
PID 2484 wrote to memory of 4900	2484	rundll32.exe	83
PID 4900 wrote to memory of 3668	4900	rundll32.exe	84
PID 4900 wrote to memory of 3668	4900	rundll32.exe	84
PID 4900 wrote to memory of 3668	4900	rundll32.exe	84
PID 3668 wrote to memory of 1372	3668	rundll32.exe	85
PID 3668 wrote to memory of 1372	3668	rundll32.exe	85
PID 3668 wrote to memory of 1372	3668	rundll32.exe	85
PID 1372 wrote to memory of 1532	1372	rundll32.exe	86
PID 1372 wrote to memory of 1532	1372	rundll32.exe	86
PID 1372 wrote to memory of 1532	1372	rundll32.exe	86
PID 1532 wrote to memory of 2252	1532	rundll32.exe	87
PID 1532 wrote to memory of 2252	1532	rundll32.exe	87
PID 1532 wrote to memory of 2252	1532	rundll32.exe	87
PID 2252 wrote to memory of 2724	2252	rundll32.exe	88
PID 2252 wrote to memory of 2724	2252	rundll32.exe	88
PID 2252 wrote to memory of 2724	2252	rundll32.exe	88
PID 2724 wrote to memory of 3220	2724	rundll32.exe	89
PID 2724 wrote to memory of 3220	2724	rundll32.exe	89
PID 2724 wrote to memory of 3220	2724	rundll32.exe	89
PID 3220 wrote to memory of 1152	3220	rundll32.exe	90
PID 3220 wrote to memory of 1152	3220	rundll32.exe	90
PID 3220 wrote to memory of 1152	3220	rundll32.exe	90
PID 1152 wrote to memory of 4264	1152	rundll32.exe	91
PID 1152 wrote to memory of 4264	1152	rundll32.exe	91
PID 1152 wrote to memory of 4264	1152	rundll32.exe	91
PID 4264 wrote to memory of 4760	4264	rundll32.exe	92
PID 4264 wrote to memory of 4760	4264	rundll32.exe	92
PID 4264 wrote to memory of 4760	4264	rundll32.exe	92
PID 4760 wrote to memory of 2856	4760	rundll32.exe	93
PID 4760 wrote to memory of 2856	4760	rundll32.exe	93
PID 4760 wrote to memory of 2856	4760	rundll32.exe	93
PID 2856 wrote to memory of 3724	2856	rundll32.exe	94
PID 2856 wrote to memory of 3724	2856	rundll32.exe	94
PID 2856 wrote to memory of 3724	2856	rundll32.exe	94
PID 3724 wrote to memory of 2868	3724	rundll32.exe	95
PID 3724 wrote to memory of 2868	3724	rundll32.exe	95
PID 3724 wrote to memory of 2868	3724	rundll32.exe	95
PID 2868 wrote to memory of 608	2868	rundll32.exe	96
PID 2868 wrote to memory of 608	2868	rundll32.exe	96
PID 2868 wrote to memory of 608	2868	rundll32.exe	96
PID 608 wrote to memory of 1608	608	rundll32.exe	97
PID 608 wrote to memory of 1608	608	rundll32.exe	97
PID 608 wrote to memory of 1608	608	rundll32.exe	97
PID 1608 wrote to memory of 3976	1608	rundll32.exe	98
PID 1608 wrote to memory of 3976	1608	rundll32.exe	98
PID 1608 wrote to memory of 3976	1608	rundll32.exe	98
PID 3976 wrote to memory of 560	3976	rundll32.exe	99
PID 3976 wrote to memory of 560	3976	rundll32.exe	99
PID 3976 wrote to memory of 560	3976	rundll32.exe	99
PID 560 wrote to memory of 208	560	rundll32.exe	100
PID 560 wrote to memory of 208	560	rundll32.exe	100
PID 560 wrote to memory of 208	560	rundll32.exe	100
PID 208 wrote to memory of 948	208	rundll32.exe	101
PID 208 wrote to memory of 948	208	rundll32.exe	101
PID 208 wrote to memory of 948	208	rundll32.exe	101
PID 948 wrote to memory of 748	948	rundll32.exe	102

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4748
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1428
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2484
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4900
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3668
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:1372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:1532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:2252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:2724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:3220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:1152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:2868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:1608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        23⤵
        
        PID:748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        24⤵
        
        PID:980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        25⤵
        
        PID:3980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        26⤵
        
        PID:4604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        27⤵
        
        PID:1768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        28⤵
        
        PID:1740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        29⤵
        
        PID:832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        30⤵
        
        PID:1856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        31⤵
        
        PID:1212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        32⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        33⤵
        
        PID:3720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        34⤵
        
        PID:4144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        35⤵
        
        PID:1620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        36⤵
        
        PID:4800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        37⤵
        
        PID:2256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        38⤵
        
        PID:3176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        39⤵
        
        PID:3696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        40⤵
        
        PID:4188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        41⤵
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        42⤵
        
        PID:3968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        43⤵
        
        PID:5056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        44⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        45⤵
        
        PID:2648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        46⤵
        
        PID:4612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        47⤵
        
        PID:4568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        48⤵
        
        PID:1964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        49⤵
        
        PID:1440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        50⤵
        
        PID:520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        51⤵
        
        PID:2704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        52⤵
        
        PID:2432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        53⤵
        
        PID:1084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        54⤵
        
        PID:3308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        55⤵
        
        PID:4968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        56⤵
        
        PID:3476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        57⤵
        
        PID:596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        58⤵
        
        PID:5036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        59⤵
        
        PID:5012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        60⤵
        
        PID:3512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        61⤵
        
        PID:3244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        62⤵
        
        PID:4196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        63⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        64⤵
        
        PID:3404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        65⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        66⤵
        
        PID:3552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        67⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        68⤵
        
        PID:632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        69⤵
        
        PID:4328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        70⤵
        
        PID:3516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        71⤵
        
        PID:2748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        72⤵
        
        PID:4712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        73⤵
        
        PID:2460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        74⤵
        
        PID:2232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        75⤵
        
        PID:840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        76⤵
        
        PID:2112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        77⤵
        
        PID:1884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        78⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        79⤵
        
        PID:3816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        80⤵
        
        PID:3420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        81⤵
        
        PID:2148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        82⤵
        
        PID:4944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        83⤵
        
        PID:3460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        84⤵
        
        PID:1264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        85⤵
        
        PID:2732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        86⤵
        
        PID:4704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        87⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        88⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        89⤵
        
        PID:4464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        90⤵
        
        PID:4448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        91⤵
        
        PID:60
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        92⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        93⤵
        
        PID:220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        94⤵
        
        PID:3200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        95⤵
        
        PID:3580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        96⤵
        
        PID:3368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        97⤵
        
        PID:720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        98⤵
        
        PID:1904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        99⤵
        
        PID:3556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        100⤵
        
        PID:3224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        101⤵
        
        PID:2136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        102⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        103⤵
        
        PID:2800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        104⤵
        
        PID:1708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        105⤵
        
        PID:4616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        106⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        107⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        108⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        109⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        110⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        111⤵
        
        PID:5212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        112⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        113⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        114⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        115⤵
        
        PID:5272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        116⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        117⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        118⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        119⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        120⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        121⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        122⤵
        
        PID:5388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        123⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        124⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        125⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        126⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        127⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        128⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        129⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        130⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        131⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        132⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        133⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        134⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        135⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        136⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        137⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        138⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        139⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        140⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        141⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        142⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        143⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        144⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        145⤵
        
        PID:5736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        146⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        147⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        148⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        149⤵
        
        PID:5804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        150⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        151⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        152⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        153⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        154⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        155⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        156⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        157⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        158⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        159⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        160⤵
        
        PID:5972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        161⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        162⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        163⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        164⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        165⤵
        
        PID:6048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        166⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        167⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        168⤵
        
        PID:6092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        169⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        170⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        171⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        172⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        173⤵
        
        PID:4740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        174⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        175⤵
        
        PID:1204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        176⤵
        
        PID:2400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        177⤵
        
        PID:2352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        178⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        179⤵
        
        PID:6164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        180⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        181⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        182⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        183⤵
        
        PID:6224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        184⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        185⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        186⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        187⤵
        
        PID:6276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        188⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        189⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        190⤵
        
        PID:6320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        191⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        192⤵
        
        PID:6352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        193⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        194⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        195⤵
        
        PID:6396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        196⤵
        
        PID:6408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        197⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        198⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        199⤵
        
        PID:6460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        200⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        201⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        202⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        203⤵
        
        PID:6516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        204⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        205⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        206⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        207⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        208⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        209⤵
        
        PID:6612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        210⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        211⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        212⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        213⤵
        
        PID:6672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        214⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        215⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        216⤵
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        217⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        218⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        219⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        220⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        221⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        222⤵
        
        PID:6808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        223⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        224⤵
        
        PID:6840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        225⤵
        
        PID:6856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        226⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        227⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        228⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        229⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        230⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        231⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        232⤵
        
        PID:6956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        233⤵
        
        PID:6968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        234⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        235⤵
        
        PID:7000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        236⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        237⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        238⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        239⤵
        
        PID:7060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        240⤵
        
        PID:7076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        241⤵
        
        PID:7092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        242⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        243⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        244⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        245⤵
        
        PID:7144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        246⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        247⤵
        
        PID:3864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        248⤵
        
        PID:7184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        249⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        250⤵
        
        PID:7216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        251⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        252⤵
        
        PID:7240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        253⤵
        
        PID:7256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        254⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        255⤵
        
        PID:7284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        256⤵
        
        PID:7300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        257⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        258⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        259⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        260⤵
        
        PID:7352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        261⤵
        
        PID:7368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        262⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        263⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        264⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        265⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        266⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        267⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        268⤵
        
        PID:7468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        269⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        270⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        271⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        272⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        273⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        274⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        275⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        276⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        277⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        278⤵
        
        PID:7620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        279⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        280⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        281⤵
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        282⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        283⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        284⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        285⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        286⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        287⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        288⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        289⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        290⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        291⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        292⤵
        
        PID:7836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        293⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        294⤵
        
        PID:7864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        295⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        296⤵
        
        PID:7892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        297⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        298⤵
        
        PID:7928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        299⤵
        
        PID:7944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        300⤵
        
        PID:7960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        301⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        302⤵
        
        PID:7992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        303⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        304⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        305⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        306⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        307⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        308⤵
        
        PID:8084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        309⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        310⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        311⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        312⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        313⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        314⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        315⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        316⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        317⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        318⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        319⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        320⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        321⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        322⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        323⤵
        
        PID:8324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        324⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        325⤵
        
        PID:8356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        326⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        327⤵
        
        PID:8384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        328⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        329⤵
        
        PID:8416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        330⤵
        
        PID:8432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        331⤵
        
        PID:8448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        332⤵
        
        PID:8464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        333⤵
        
        PID:8480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        334⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        335⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        336⤵
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        337⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        338⤵
        
        PID:8544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        339⤵
        
        PID:8560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        340⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        341⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        342⤵
        
        PID:8604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        343⤵
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        344⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        345⤵
        
        PID:8656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        346⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        347⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        348⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        349⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        350⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        351⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        352⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        353⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        354⤵
        
        PID:8788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        355⤵
        
        PID:8804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        356⤵
        
        PID:8820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        357⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        358⤵
        
        PID:8852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        359⤵
        
        PID:8868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        360⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        361⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        362⤵
        
        PID:8916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        363⤵
        
        PID:8928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        364⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        365⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        366⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        367⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        368⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        369⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        370⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        371⤵
        
        PID:9052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        372⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        373⤵
        
        PID:9088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        374⤵
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        375⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        376⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        377⤵
        
        PID:9148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        378⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        379⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        380⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        381⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        382⤵
        
        PID:3120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        383⤵
        
        PID:9228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        384⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        385⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        386⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        387⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        388⤵
        
        PID:9304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        389⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        390⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        391⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        392⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        393⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        394⤵
        
        PID:9404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        395⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        396⤵
        
        PID:9428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        397⤵
        
        PID:9440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        398⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        399⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        400⤵
        
        PID:9484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        401⤵
        
        PID:9500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        402⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        403⤵
        
        PID:9532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        404⤵
        
        PID:9548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        405⤵
        
        PID:9560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        406⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        407⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        408⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        409⤵
        
        PID:9620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        410⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        411⤵
        
        PID:9648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        412⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        413⤵
        
        PID:9680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        414⤵
        
        PID:9692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        415⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        416⤵
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        417⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        418⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        419⤵
        
        PID:9768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        420⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        421⤵
        
        PID:9808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        422⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        423⤵
        
        PID:9836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        424⤵
        
        PID:9852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        425⤵
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        426⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        427⤵
        
        PID:9892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        428⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        429⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        430⤵
        
        PID:9936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        431⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        432⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        433⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        434⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        435⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        436⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        437⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        438⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        439⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        440⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        441⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        442⤵
        
        PID:10116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        443⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        444⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        445⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        446⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        447⤵
        
        PID:10192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        448⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        449⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        450⤵
        
        PID:9376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        451⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        452⤵
        
        PID:10272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        453⤵
        
        PID:10284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        454⤵
        
        PID:10300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        455⤵
        
        PID:10316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        456⤵
        
        PID:10328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        457⤵
        
        PID:10344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        458⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        459⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        460⤵
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        461⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        462⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        463⤵
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        464⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        465⤵
        
        PID:10464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        466⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        467⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        468⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        469⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        470⤵
        
        PID:10540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        471⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        472⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        473⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        474⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        475⤵
        
        PID:10624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        476⤵
        
        PID:10640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        477⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        478⤵
        
        PID:10668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        479⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        480⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        481⤵
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        482⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        483⤵
        
        PID:10740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        484⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        485⤵
        
        PID:10772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        486⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        487⤵
        
        PID:10804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        488⤵
        
        PID:10820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        489⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        490⤵
        
        PID:10852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        491⤵
        
        PID:10868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        492⤵
        
        PID:10884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        493⤵
        
        PID:10900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        494⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        495⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        496⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        497⤵
        
        PID:10964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        498⤵
        
        PID:10980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        499⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        500⤵
        
        PID:11008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        501⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        502⤵
        
        PID:11036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        503⤵
        
        PID:11052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        504⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        505⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        506⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        507⤵
        
        PID:11116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        508⤵
        
        PID:11132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        509⤵
        
        PID:11148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        510⤵
        
        PID:11164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        511⤵
        
        PID:11180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        512⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        513⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        514⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        515⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        516⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        517⤵
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        518⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        519⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        520⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        521⤵
        
        PID:11336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        522⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        523⤵
        
        PID:11368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        524⤵
        
        PID:11384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        525⤵
        
        PID:11400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        526⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        527⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        528⤵
        
        PID:11444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        529⤵
        
        PID:11460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        530⤵
        
        PID:11476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        531⤵
        
        PID:11488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        532⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        533⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        534⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        535⤵
        
        PID:11552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        536⤵
        
        PID:11568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        537⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        538⤵
        
        PID:11596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        539⤵
        
        PID:11608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        540⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        541⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        542⤵
        
        PID:11652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        543⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        544⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        545⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        546⤵
        
        PID:11708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        547⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        548⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        549⤵
        
        PID:11752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        550⤵
        
        PID:11764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        551⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        552⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        553⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        554⤵
        
        PID:11812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        555⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        556⤵
        
        PID:11840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        557⤵
        
        PID:11856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        558⤵
        
        PID:11872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        559⤵
        
        PID:11888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        560⤵
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        561⤵
        
        PID:11920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        562⤵
        
        PID:11932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        563⤵
        
        PID:11948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        564⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        565⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        566⤵
        
        PID:11992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        567⤵
        
        PID:12004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        568⤵
        
        PID:12020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        569⤵
        
        PID:12036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        570⤵
        
        PID:12052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        571⤵
        
        PID:12068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        572⤵
        
        PID:12080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        573⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        574⤵
        
        PID:12108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        575⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        576⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        577⤵
        
        PID:12152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        578⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        579⤵
        
        PID:12180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        580⤵
        
        PID:12196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        581⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        582⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        583⤵
        
        PID:12248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        584⤵
        
        PID:12264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        585⤵
        
        PID:12276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        586⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        587⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        588⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        589⤵
        
        PID:12336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        590⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        591⤵
        
        PID:12364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        592⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        593⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        594⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        595⤵
        
        PID:12424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        596⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        597⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        598⤵
        
        PID:12468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        599⤵
        
        PID:12484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        600⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        601⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        602⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        603⤵
        
        PID:12540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        604⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        605⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        606⤵
        
        PID:12584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        607⤵
        
        PID:12596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        608⤵
        
        PID:12612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        609⤵
        
        PID:12624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        610⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        611⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        612⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        613⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        614⤵
        
        PID:12700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        615⤵
        
        PID:12716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        616⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        617⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        618⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        619⤵
        
        PID:12776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        620⤵
        
        PID:12792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        621⤵
        
        PID:12804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        622⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        623⤵
        
        PID:12832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        624⤵
        
        PID:12848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        625⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        626⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        627⤵
        
        PID:12896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        628⤵
        
        PID:12912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        629⤵
        
        PID:12928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        630⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        631⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        632⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        633⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        634⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        635⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        636⤵
        
        PID:13032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        637⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        638⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        639⤵
        
        PID:13080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        640⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        641⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        642⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        643⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        644⤵
        
        PID:13160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        645⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        646⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        647⤵
        
        PID:13204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        648⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        649⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        650⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        651⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        652⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        653⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        654⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        655⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        656⤵
        
        PID:13336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        657⤵
        
        PID:13352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        658⤵
        
        PID:13368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        659⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        660⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        661⤵
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        662⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        663⤵
        
        PID:13440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        664⤵
        
        PID:13460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        665⤵
        
        PID:13472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        666⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        667⤵
        
        PID:13500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        668⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        669⤵
        
        PID:13528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        670⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        671⤵
        
        PID:13556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        672⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        673⤵
        
        PID:13584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        674⤵
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        675⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        676⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        677⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        678⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        679⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        680⤵
        
        PID:13684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        681⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        682⤵
        
        PID:13716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        683⤵
        
        PID:13728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        684⤵
        
        PID:13740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        685⤵
        
        PID:13752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        686⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        687⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        688⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        689⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        690⤵
        
        PID:13840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        691⤵
        
        PID:13856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        692⤵
        
        PID:13868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        693⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        694⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        695⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        696⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        697⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        698⤵
        
        PID:13952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        699⤵
        
        PID:13968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        700⤵
        
        PID:13980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        701⤵
        
        PID:14000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        702⤵
        
        PID:14012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        703⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        704⤵
        
        PID:14040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        705⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        706⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        707⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        708⤵
        
        PID:14104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        709⤵
        
        PID:14120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        710⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        711⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        712⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        713⤵
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        714⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        715⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        716⤵
        
        PID:14220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        717⤵
        
        PID:14232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        718⤵
        
        PID:14248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        719⤵
        
        PID:14264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        720⤵
        
        PID:14280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        721⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        722⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        723⤵
        
        PID:14328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        724⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        725⤵
        
        PID:14356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        726⤵
        
        PID:14372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        727⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        728⤵
        
        PID:14400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        729⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        730⤵
        
        PID:14428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        731⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        732⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        733⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        734⤵
        
        PID:14480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        735⤵
        
        PID:14500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        736⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        737⤵
        
        PID:14528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        738⤵
        
        PID:14544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        739⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        740⤵
        
        PID:14576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        741⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        742⤵
        
        PID:14608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        743⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        744⤵
        
        PID:14636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        745⤵
        
        PID:14652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        746⤵
        
        PID:14668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        747⤵
        
        PID:14680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        748⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        749⤵
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        750⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        751⤵
        
        PID:14740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        752⤵
        
        PID:14756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        753⤵
        
        PID:14772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        754⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        755⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        756⤵
        
        PID:14820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        757⤵
        
        PID:14836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        758⤵
        
        PID:14848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        759⤵
        
        PID:14864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        760⤵
        
        PID:14880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        761⤵
        
        PID:14896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        762⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        763⤵
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        764⤵
        
        PID:14940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        765⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        766⤵
        
        PID:14964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        767⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        768⤵
        
        PID:14996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        769⤵
        
        PID:15008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        770⤵
        
        PID:15024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        771⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        772⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        773⤵
        
        PID:15060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        774⤵
        
        PID:15076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        775⤵
        
        PID:15088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        776⤵
        
        PID:15104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        777⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        778⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        779⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        780⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        781⤵
        
        PID:15168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        782⤵
        
        PID:15184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        783⤵
        
        PID:15200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        784⤵
        
        PID:15212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        785⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        786⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        787⤵
        
        PID:15264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        788⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        789⤵
        
        PID:15292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        790⤵
        
        PID:15308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        791⤵
        
        PID:15324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        792⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        793⤵
        
        PID:13812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        794⤵
        
        PID:14536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        795⤵
        
        PID:15372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        796⤵
        
        PID:15384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        797⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        798⤵
        
        PID:15416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        799⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        800⤵
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        801⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        802⤵
        
        PID:15472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        803⤵
        
        PID:15488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        804⤵
        
        PID:15504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        805⤵
        
        PID:15520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        806⤵
        
        PID:15532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        807⤵
        
        PID:15548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        808⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        809⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        810⤵
        
        PID:15596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        811⤵
        
        PID:15612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        812⤵
        
        PID:15628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        813⤵
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        814⤵
        
        PID:15664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        815⤵
        
        PID:15680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        816⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        817⤵
        
        PID:15712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        818⤵
        
        PID:15724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        819⤵
        
        PID:15736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        820⤵
        
        PID:15752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        821⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        822⤵
        
        PID:15788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        823⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        824⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        825⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        826⤵
        
        PID:15844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        827⤵
        
        PID:15856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        828⤵
        
        PID:15868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        829⤵
        
        PID:15880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        830⤵
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        831⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        832⤵
        
        PID:15924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        833⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        834⤵
        
        PID:15956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        835⤵
        
        PID:15972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        836⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        837⤵
        
        PID:16008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        838⤵
        
        PID:16024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        839⤵
        
        PID:16036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        840⤵
        
        PID:16052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        841⤵
        
        PID:16068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        842⤵
        
        PID:16084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        843⤵
        
        PID:16096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        844⤵
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        845⤵
        
        PID:16128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        846⤵
        
        PID:16144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        847⤵
        
        PID:16160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        848⤵
        
        PID:16172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        849⤵
        
        PID:16184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        850⤵
        
        PID:16196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        851⤵
        
        PID:16208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        852⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        853⤵
        
        PID:16240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        854⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        855⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        856⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        857⤵
        
        PID:16300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        858⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        859⤵
        
        PID:16324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        860⤵
        
        PID:16340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        861⤵
        
        PID:16352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        862⤵
        
        PID:16368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        863⤵
        
        PID:4784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        864⤵
        
        PID:4200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        865⤵
        
        PID:2700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        866⤵
        
        PID:2372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        867⤵
        
        PID:4916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        868⤵
        
        PID:4700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        869⤵
        
        PID:16400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        870⤵
        
        PID:16416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        871⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        872⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        873⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        874⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        875⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        876⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        877⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        878⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        879⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        880⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        881⤵
        
        PID:16596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        882⤵
        
        PID:16612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        883⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        884⤵
        
        PID:16644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        885⤵
        
        PID:16660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        886⤵
        
        PID:16676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        887⤵
        
        PID:16692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        888⤵
        
        PID:16708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        889⤵
        
        PID:16724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        890⤵
        
        PID:16740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        891⤵
        
        PID:16756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        892⤵
        
        PID:16772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        893⤵
        
        PID:16784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        894⤵
        
        PID:16800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        895⤵
        
        PID:16816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        896⤵
        
        PID:16828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        897⤵
        
        PID:16844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        898⤵
        
        PID:16860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad70cb29b2bb508192af5af6f7d8db79_JaffaCakes118.dll,#1
        899⤵
        
        PID:16876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16800-2-0x0000000075520000-0x00000000757A4000-memory.dmp

Filesize
2.5MB

Download
memory/16816-1-0x0000000075520000-0x00000000757A4000-memory.dmp

Filesize
2.5MB

Download
memory/16828-0-0x0000000075520000-0x00000000757A4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads