c180324ea070eeccd6ef4e5bca8e276ece2334f6121bf31367efc033ef0a49dd

Analysis

max time kernel
155s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
20-06-2024 09:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Size

180KB
MD5

04b0e9756c6a99e16ba2dcf6cc3953e2
SHA1

30976bfc2e832aad5a38ae513a436a3ebc878ef8
SHA256

c180324ea070eeccd6ef4e5bca8e276ece2334f6121bf31367efc033ef0a49dd
SHA512

322bdbfa4619ed5f4253d06c68fd2216561197abde2081e62d5c07d77d35843b9b5ec2b34b8e7b716761d0666d4cf444ec2c09862a7383ed62587f53d9016b2a
SSDEEP

3072:jJtQMdQ9o6LrPMJB7GPTMy6LC3OKogH9fsdMLtIji1xzt78lCDsw:dCr0nqPI/LC3fogHJsdMRIot7wCDsw

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 5 IoCs

description	ioc	Process
File created	C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\enterprisesec.config.cch.new	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\security.config.cch.new	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\enterprisesec.config.cch.new	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\security.config.cch.new	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\enterprisesec.config.cch.new	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	3232	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4748	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1944	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3688	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4040	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	228	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4376	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2568	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2812	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1964	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4480	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4076	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1008	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4140	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3396	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2916	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2820	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4904	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2336	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3476	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	464	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1556	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4984	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4472	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3368	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1248	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4900	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3824	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3616	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2024	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4616	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	436	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3648	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	456	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	5072	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1944	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3688	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3984	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2664	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	5060	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3048	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2368	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2252	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4588	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3044	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4308	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4452	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3716	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2820	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	772	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4400	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2336	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3476	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	5076	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2152	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	2000	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1016	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3572	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	916	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	3248	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	1364	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
Token: SeDebugPrivilege	4756	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3232 wrote to memory of 4748	3232	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	91
PID 3232 wrote to memory of 4748	3232	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	91
PID 4748 wrote to memory of 1944	4748	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	92
PID 4748 wrote to memory of 1944	4748	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	92
PID 1944 wrote to memory of 3688	1944	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	93
PID 1944 wrote to memory of 3688	1944	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	93
PID 3688 wrote to memory of 4040	3688	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	94
PID 3688 wrote to memory of 4040	3688	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	94
PID 4040 wrote to memory of 228	4040	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	95
PID 4040 wrote to memory of 228	4040	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	95
PID 228 wrote to memory of 4376	228	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	96
PID 228 wrote to memory of 4376	228	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	96
PID 4376 wrote to memory of 2568	4376	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	97
PID 4376 wrote to memory of 2568	4376	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	97
PID 2568 wrote to memory of 2812	2568	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	98
PID 2568 wrote to memory of 2812	2568	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	98
PID 2812 wrote to memory of 624	2812	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	99
PID 2812 wrote to memory of 624	2812	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	99
PID 624 wrote to memory of 1964	624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	100
PID 624 wrote to memory of 1964	624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	100
PID 1964 wrote to memory of 4480	1964	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	102
PID 1964 wrote to memory of 4480	1964	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	102
PID 4480 wrote to memory of 4076	4480	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	104
PID 4480 wrote to memory of 4076	4480	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	104
PID 4076 wrote to memory of 1008	4076	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	105
PID 4076 wrote to memory of 1008	4076	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	105
PID 1008 wrote to memory of 4140	1008	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	106
PID 1008 wrote to memory of 4140	1008	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	106
PID 4140 wrote to memory of 3396	4140	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	107
PID 4140 wrote to memory of 3396	4140	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	107
PID 3396 wrote to memory of 2916	3396	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	108
PID 3396 wrote to memory of 2916	3396	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	108
PID 2916 wrote to memory of 2820	2916	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	109
PID 2916 wrote to memory of 2820	2916	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	109
PID 2820 wrote to memory of 4904	2820	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	110
PID 2820 wrote to memory of 4904	2820	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	110
PID 4904 wrote to memory of 2336	4904	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	111
PID 4904 wrote to memory of 2336	4904	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	111
PID 2336 wrote to memory of 3476	2336	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	114
PID 2336 wrote to memory of 3476	2336	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	114
PID 3476 wrote to memory of 464	3476	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	115
PID 3476 wrote to memory of 464	3476	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	115
PID 464 wrote to memory of 1556	464	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	116
PID 464 wrote to memory of 1556	464	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	116
PID 1556 wrote to memory of 4984	1556	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	118
PID 1556 wrote to memory of 4984	1556	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	118
PID 4984 wrote to memory of 2624	4984	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	119
PID 4984 wrote to memory of 2624	4984	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	119
PID 2624 wrote to memory of 4472	2624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	120
PID 2624 wrote to memory of 4472	2624	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	120
PID 4472 wrote to memory of 3368	4472	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	121
PID 4472 wrote to memory of 3368	4472	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	121
PID 3368 wrote to memory of 1248	3368	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	122
PID 3368 wrote to memory of 1248	3368	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	122
PID 1248 wrote to memory of 4900	1248	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	123
PID 1248 wrote to memory of 4900	1248	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	123
PID 4900 wrote to memory of 3824	4900	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	124
PID 4900 wrote to memory of 3824	4900	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	124
PID 3824 wrote to memory of 3616	3824	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	125
PID 3824 wrote to memory of 3616	3824	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	125
PID 3616 wrote to memory of 2024	3616	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	126
PID 3616 wrote to memory of 2024	3616	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	126
PID 2024 wrote to memory of 4616	2024	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	128
PID 2024 wrote to memory of 4616	2024	04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe	128

C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3232
- C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
  2⤵
  - Drops file in Windows directory
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:4748
- - C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
    C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
    3⤵
    - Drops file in Windows directory
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:1944
  - - C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
      C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
      4⤵
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of WriteProcessMemory
      PID:3688
    - - C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        5⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4040
      - C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        6⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:228
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        7⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        8⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        9⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        10⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:624
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        11⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        12⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        13⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        14⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1008
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        15⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        16⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        17⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        18⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        19⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4904
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        20⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        21⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        22⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        23⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        24⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4984
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        25⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        26⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        27⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        28⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        29⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        30⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        31⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        32⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        33⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:456
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4308
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5076
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3572
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:916
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        65⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        66⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        67⤵
        
        PID:1056
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        68⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        69⤵
        
        PID:4064
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        70⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        71⤵
        
        PID:4620
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        72⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        73⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        74⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        75⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        76⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        77⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        78⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        79⤵
        
        PID:4080
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        80⤵
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        81⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        82⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        83⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        84⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        85⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        86⤵
        
        PID:3328
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        87⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        88⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        89⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        90⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        91⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        92⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        93⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        94⤵
        
        PID:3152
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        95⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        96⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        97⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        98⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        99⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        100⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        101⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        102⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        103⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        104⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        105⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        106⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        107⤵
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        108⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        109⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        110⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        111⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        112⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        113⤵
        
        PID:2096
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        114⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        115⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        116⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        117⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        118⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        119⤵
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        120⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        121⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        122⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        123⤵
        
        PID:4308
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        124⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        125⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        126⤵
        
        PID:616
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        127⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        128⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        129⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        130⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        131⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        132⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        133⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        134⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        135⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        136⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        137⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        138⤵
        
        PID:3472
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        139⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        140⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        141⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        142⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        143⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        144⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        145⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        146⤵
        
        PID:3260
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        147⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        148⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        149⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        150⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        151⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        152⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        153⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        154⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        155⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        156⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        157⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        158⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        159⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        160⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        161⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        162⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        163⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        164⤵
        
        PID:4308
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        165⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        166⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        167⤵
        
        PID:620
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        168⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        169⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        170⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        171⤵
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        172⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        173⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        174⤵
        
        PID:1340
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        175⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        176⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        177⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        178⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        179⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        180⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        181⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        182⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        183⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        184⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        185⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        186⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        187⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        188⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        189⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        190⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        191⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        192⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        193⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        194⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        195⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        196⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        197⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        198⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        199⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        200⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        201⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        202⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        203⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        204⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        205⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        206⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        207⤵
        
        PID:4308
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        208⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        209⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        210⤵
        
        PID:620
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        211⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        212⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        213⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        214⤵
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        215⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        216⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        217⤵
        
        PID:1340
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        218⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        219⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        220⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        221⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        222⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        223⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        224⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        225⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        226⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        227⤵
        
        PID:720
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        228⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        229⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        230⤵
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        231⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        232⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        233⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        234⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        235⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        236⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        237⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        238⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        239⤵
        
        PID:756
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        240⤵
        
        PID:2096
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        241⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        242⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        243⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        244⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        245⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        246⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        247⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        248⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        249⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        250⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        251⤵
        
        PID:4680
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        252⤵
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        253⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        254⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        255⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        256⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        257⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        258⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        259⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        260⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        261⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        262⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        263⤵
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        264⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        265⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        266⤵
        
        PID:220
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        267⤵
        
        PID:3676
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        268⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        269⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        270⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        271⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        272⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        273⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        274⤵
        
        PID:184
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        275⤵
        
        PID:456
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        276⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        277⤵
        
        PID:4500
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        278⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        279⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        280⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        281⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        282⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        283⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        284⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        285⤵
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        286⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        287⤵
        
        PID:4080
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        288⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        289⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        290⤵
        
        PID:4932
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        291⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        292⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        293⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        294⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        295⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        296⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        297⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        298⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        299⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        300⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        301⤵
        
        PID:4960
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        302⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        303⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        304⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        305⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        306⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        307⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        308⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        309⤵
        
        PID:3572
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        310⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        311⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        312⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        313⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        314⤵
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        315⤵
        
        PID:3480
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        316⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        317⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        318⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        319⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        320⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        321⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        322⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        323⤵
        
        PID:4984
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        324⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        325⤵
        
        PID:184
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        326⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        327⤵
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        328⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        329⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        330⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        331⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        332⤵
        
        PID:708
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        333⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        334⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        335⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        336⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        337⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        338⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        339⤵
        
        PID:660
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        340⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        341⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        342⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        343⤵
        
        PID:616
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        344⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        345⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        346⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        347⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        348⤵
        
        PID:1388
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        349⤵
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        350⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        351⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        352⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        353⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        354⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        355⤵
        
        PID:568
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        356⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        357⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        358⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        359⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        360⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        361⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        362⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        363⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        364⤵
        
        PID:1356
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        365⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        366⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        367⤵
        
        PID:3504
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        368⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe
        369⤵
        
        PID:4660

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1420 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
1⤵
PID:4604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\04b0e9756c6a99e16ba2dcf6cc3953e2_JaffaCakes118.exe.log

Filesize
224B

MD5
1e4f2a29e11dead55e61329942cd2b14

SHA1
4b3ec9b98797d2f734d67b47cc149546f21cf0af

SHA256
28bbb0da12bd69adc9df324c01392655b788115aba7466f02c23e1ba09f789d4

SHA512
2e28227d898486bfe1cea081df486464b214df50500786e30d6ee9e7d6391f3aacd2f1ed1d0eab60d518bbc79f20f32c226f00ffd70abfe9af45a746cb08416c

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\security.config.cch

Filesize
478B

MD5
42398e699cb3b6386b200df8ecc416b4

SHA1
575d7c5a635b9d8edb70a215575c7ef87f082bbf

SHA256
25d4d6b41da5617057c09134f07d809899984920bdb15d5069845bda1a9b03fc

SHA512
1d986532780fc25a270dd3b902b752a4798ac0443ecaaed565294af14add7f0fedcb52cfdeb389e146eb7c40150a10e82397fdadf6838e8d6effb7efe4e90122

Download Submit
memory/1944-35-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/1944-33-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/1944-29-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/1944-28-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/3232-4-0x000000001B5F0000-0x000000001B618000-memory.dmp

Filesize
160KB

Download
memory/3232-6-0x000000001B700000-0x000000001B7A6000-memory.dmp

Filesize
664KB

Download
memory/3232-14-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/3232-5-0x000000001B620000-0x000000001B64A000-memory.dmp

Filesize
168KB

Download
memory/3232-0-0x00007FFDBA365000-0x00007FFDBA366000-memory.dmp

Filesize
4KB

Download
memory/3232-3-0x000000001B5C0000-0x000000001B5EC000-memory.dmp

Filesize
176KB

Download
memory/3232-2-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/3232-1-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/4748-13-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/4748-15-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/4748-16-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download
memory/4748-27-0x00007FFDBA0B0000-0x00007FFDBAA51000-memory.dmp

Filesize
9.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads