cd9ddef53c0df89735b30daf088ef75b9291332df5eb6fdddce8657cdc5e93d6

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
24/06/2024, 00:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll
Size

6KB
MD5

05651921b136aad70e1a7a2fc4c4f633
SHA1

4d5eb91a0d494c8898ecb2d6bbeb4b4945f2e02d
SHA256

cd9ddef53c0df89735b30daf088ef75b9291332df5eb6fdddce8657cdc5e93d6
SHA512

1fdfeca469908cba05b616c398edcb51dc76f00798d1e640713e1a57502a5e98554d0ba56bab66a8db495bdb43654fe8f8d5aef3e0b186d20964e952475466aa
SSDEEP

192:nLYB6y/Fk4pgAPzpVXAEA2uxllG0ObtI4:y6y/+4SqXAOuxijJI4

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3188 wrote to memory of 3908	3188	rundll32.exe	84
PID 3188 wrote to memory of 3908	3188	rundll32.exe	84
PID 3188 wrote to memory of 3908	3188	rundll32.exe	84
PID 3908 wrote to memory of 4256	3908	rundll32.exe	85
PID 3908 wrote to memory of 4256	3908	rundll32.exe	85
PID 3908 wrote to memory of 4256	3908	rundll32.exe	85
PID 4256 wrote to memory of 3460	4256	rundll32.exe	86
PID 4256 wrote to memory of 3460	4256	rundll32.exe	86
PID 4256 wrote to memory of 3460	4256	rundll32.exe	86
PID 3460 wrote to memory of 3364	3460	rundll32.exe	87
PID 3460 wrote to memory of 3364	3460	rundll32.exe	87
PID 3460 wrote to memory of 3364	3460	rundll32.exe	87
PID 3364 wrote to memory of 2488	3364	rundll32.exe	88
PID 3364 wrote to memory of 2488	3364	rundll32.exe	88
PID 3364 wrote to memory of 2488	3364	rundll32.exe	88
PID 2488 wrote to memory of 1908	2488	rundll32.exe	89
PID 2488 wrote to memory of 1908	2488	rundll32.exe	89
PID 2488 wrote to memory of 1908	2488	rundll32.exe	89
PID 1908 wrote to memory of 4368	1908	rundll32.exe	90
PID 1908 wrote to memory of 4368	1908	rundll32.exe	90
PID 1908 wrote to memory of 4368	1908	rundll32.exe	90
PID 4368 wrote to memory of 768	4368	rundll32.exe	91
PID 4368 wrote to memory of 768	4368	rundll32.exe	91
PID 4368 wrote to memory of 768	4368	rundll32.exe	91
PID 768 wrote to memory of 4260	768	rundll32.exe	92
PID 768 wrote to memory of 4260	768	rundll32.exe	92
PID 768 wrote to memory of 4260	768	rundll32.exe	92
PID 4260 wrote to memory of 3424	4260	rundll32.exe	93
PID 4260 wrote to memory of 3424	4260	rundll32.exe	93
PID 4260 wrote to memory of 3424	4260	rundll32.exe	93
PID 3424 wrote to memory of 2140	3424	rundll32.exe	94
PID 3424 wrote to memory of 2140	3424	rundll32.exe	94
PID 3424 wrote to memory of 2140	3424	rundll32.exe	94
PID 2140 wrote to memory of 2124	2140	rundll32.exe	95
PID 2140 wrote to memory of 2124	2140	rundll32.exe	95
PID 2140 wrote to memory of 2124	2140	rundll32.exe	95
PID 2124 wrote to memory of 1384	2124	rundll32.exe	96
PID 2124 wrote to memory of 1384	2124	rundll32.exe	96
PID 2124 wrote to memory of 1384	2124	rundll32.exe	96
PID 1384 wrote to memory of 4588	1384	rundll32.exe	97
PID 1384 wrote to memory of 4588	1384	rundll32.exe	97
PID 1384 wrote to memory of 4588	1384	rundll32.exe	97
PID 4588 wrote to memory of 4812	4588	rundll32.exe	98
PID 4588 wrote to memory of 4812	4588	rundll32.exe	98
PID 4588 wrote to memory of 4812	4588	rundll32.exe	98
PID 4812 wrote to memory of 3416	4812	rundll32.exe	99
PID 4812 wrote to memory of 3416	4812	rundll32.exe	99
PID 4812 wrote to memory of 3416	4812	rundll32.exe	99
PID 3416 wrote to memory of 1232	3416	rundll32.exe	100
PID 3416 wrote to memory of 1232	3416	rundll32.exe	100
PID 3416 wrote to memory of 1232	3416	rundll32.exe	100
PID 1232 wrote to memory of 3720	1232	rundll32.exe	101
PID 1232 wrote to memory of 3720	1232	rundll32.exe	101
PID 1232 wrote to memory of 3720	1232	rundll32.exe	101
PID 3720 wrote to memory of 724	3720	rundll32.exe	102
PID 3720 wrote to memory of 724	3720	rundll32.exe	102
PID 3720 wrote to memory of 724	3720	rundll32.exe	102
PID 724 wrote to memory of 2944	724	rundll32.exe	103
PID 724 wrote to memory of 2944	724	rundll32.exe	103
PID 724 wrote to memory of 2944	724	rundll32.exe	103
PID 2944 wrote to memory of 1064	2944	rundll32.exe	104
PID 2944 wrote to memory of 1064	2944	rundll32.exe	104
PID 2944 wrote to memory of 1064	2944	rundll32.exe	104
PID 1064 wrote to memory of 4352	1064	rundll32.exe	105

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3188
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3908
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4256
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3460
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3364
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:2488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:1908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:4260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:2140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:4588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:4812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:3416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:1232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:1064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        23⤵
        
        PID:4352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        24⤵
        
        PID:3912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        25⤵
        
        PID:3764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        26⤵
        
        PID:5084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        27⤵
        
        PID:1716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        28⤵
        
        PID:4244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        29⤵
        
        PID:1944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        30⤵
        
        PID:3316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        31⤵
        
        PID:2384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        32⤵
        
        PID:2528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        33⤵
        
        PID:2516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        34⤵
        
        PID:3968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        35⤵
        
        PID:1740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        36⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        37⤵
        
        PID:4348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        38⤵
        
        PID:444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        39⤵
        
        PID:5016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        40⤵
        
        PID:5048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        41⤵
        
        PID:3192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        42⤵
        
        PID:2468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        43⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        44⤵
        
        PID:984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        45⤵
        
        PID:2876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        46⤵
        
        PID:880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        47⤵
        
        PID:2012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        48⤵
        
        PID:4624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        49⤵
        
        PID:1308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        50⤵
        
        PID:1820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        51⤵
        
        PID:656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        52⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        53⤵
        
        PID:2020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        54⤵
        
        PID:392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        55⤵
        
        PID:1992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        56⤵
        
        PID:3928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        57⤵
        
        PID:4420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        58⤵
        
        PID:3280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        59⤵
        
        PID:1260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        60⤵
        
        PID:3276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        61⤵
        
        PID:1624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        62⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        63⤵
        
        PID:1788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        64⤵
        
        PID:2080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        65⤵
        
        PID:2512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        66⤵
        
        PID:5032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        67⤵
        
        PID:2700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        68⤵
        
        PID:3688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        69⤵
        
        PID:1416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        70⤵
        
        PID:220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        71⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        72⤵
        
        PID:1536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        73⤵
        
        PID:4744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        74⤵
        
        PID:4152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        75⤵
        
        PID:4984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        76⤵
        
        PID:232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        77⤵
        
        PID:3140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        78⤵
        
        PID:3112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        79⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        80⤵
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        81⤵
        
        PID:968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        82⤵
        
        PID:4616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        83⤵
        
        PID:3752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        84⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        85⤵
        
        PID:4752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        86⤵
        
        PID:544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        87⤵
        
        PID:3768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        88⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        89⤵
        
        PID:2136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        90⤵
        
        PID:2184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        91⤵
        
        PID:4464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        92⤵
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        93⤵
        
        PID:2016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        94⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        95⤵
        
        PID:2572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        96⤵
        
        PID:4344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        97⤵
        
        PID:4552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        98⤵
        
        PID:5136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        99⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        100⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        101⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        102⤵
        
        PID:5200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        103⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        104⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        105⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        106⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        107⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        108⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        109⤵
        
        PID:5312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        110⤵
        
        PID:5328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        111⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        112⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        113⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        114⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        115⤵
        
        PID:5408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        116⤵
        
        PID:5424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        117⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        118⤵
        
        PID:5460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        119⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        120⤵
        
        PID:5512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        121⤵
        
        PID:5528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        122⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        123⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        124⤵
        
        PID:5572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        125⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        126⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        127⤵
        
        PID:5620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        128⤵
        
        PID:5636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        129⤵
        
        PID:5652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        130⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        131⤵
        
        PID:5684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        132⤵
        
        PID:5696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        133⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        134⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        135⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        136⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        137⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        138⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        139⤵
        
        PID:5804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        140⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        141⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        142⤵
        
        PID:5852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        143⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        144⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        145⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        146⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        147⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        148⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        149⤵
        
        PID:5956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        150⤵
        
        PID:5972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        151⤵
        
        PID:5984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        152⤵
        
        PID:6000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        153⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        154⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        155⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        156⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        157⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        158⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        159⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        160⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        161⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        162⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        163⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        164⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        165⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        166⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        167⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        168⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        169⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        170⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        171⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        172⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        173⤵
        
        PID:6364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        174⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        175⤵
        
        PID:6400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        176⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        177⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        178⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        179⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        180⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        181⤵
        
        PID:6496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        182⤵
        
        PID:6516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        183⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        184⤵
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        185⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        186⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        187⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        188⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        189⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        190⤵
        
        PID:6640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        191⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        192⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        193⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        194⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        195⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        196⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        197⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        198⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        199⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        200⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        201⤵
        
        PID:6860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        202⤵
        
        PID:6876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        203⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        204⤵
        
        PID:6908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        205⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        206⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        207⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        208⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        209⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        210⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        211⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        212⤵
        
        PID:7052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        213⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        214⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        215⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        216⤵
        
        PID:7172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        217⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        218⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        219⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        220⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        221⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        222⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        223⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        224⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        225⤵
        
        PID:7400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        226⤵
        
        PID:7432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        227⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        228⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        229⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        230⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        231⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        232⤵
        
        PID:7524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        233⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        234⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        235⤵
        
        PID:7588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        236⤵
        
        PID:7608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        237⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        238⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        239⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        240⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        241⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        242⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        243⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        244⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        245⤵
        
        PID:7744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        246⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        247⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        248⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        249⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        250⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        251⤵
        
        PID:7836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        252⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        253⤵
        
        PID:7864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        254⤵
        
        PID:7880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        255⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        256⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        257⤵
        
        PID:7928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        258⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        259⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        260⤵
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        261⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        262⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        263⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        264⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        265⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        266⤵
        
        PID:8072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        267⤵
        
        PID:8088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        268⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        269⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        270⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        271⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        272⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        273⤵
        
        PID:8168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        274⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        275⤵
        
        PID:3196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        276⤵
        
        PID:1724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        277⤵
        
        PID:1448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        278⤵
        
        PID:980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        279⤵
        
        PID:936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        280⤵
        
        PID:2800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        281⤵
        
        PID:1708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        282⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        283⤵
        
        PID:8204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        284⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        285⤵
        
        PID:8232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        286⤵
        
        PID:8256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        287⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        288⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        289⤵
        
        PID:8300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        290⤵
        
        PID:8312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        291⤵
        
        PID:8324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        292⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        293⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        294⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        295⤵
        
        PID:8384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        296⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        297⤵
        
        PID:8416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        298⤵
        
        PID:8432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        299⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        300⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        301⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        302⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        303⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        304⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        305⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        306⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        307⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        308⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        309⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        310⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        311⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        312⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        313⤵
        
        PID:8676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        314⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        315⤵
        
        PID:8704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        316⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        317⤵
        
        PID:8732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        318⤵
        
        PID:8748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        319⤵
        
        PID:8764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        320⤵
        
        PID:8776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        321⤵
        
        PID:8788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        322⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        323⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        324⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        325⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        326⤵
        
        PID:8860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        327⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        328⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        329⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        330⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        331⤵
        
        PID:8928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        332⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        333⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        334⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        335⤵
        
        PID:8988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        336⤵
        
        PID:9004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        337⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        338⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        339⤵
        
        PID:9048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        340⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        341⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        342⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        343⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        344⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        345⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        346⤵
        
        PID:9144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        347⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        348⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        349⤵
        
        PID:9188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        350⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        351⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        352⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        353⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        354⤵
        
        PID:9252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        355⤵
        
        PID:9268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        356⤵
        
        PID:9280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        357⤵
        
        PID:9296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        358⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        359⤵
        
        PID:9324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        360⤵
        
        PID:9340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        361⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        362⤵
        
        PID:9364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        363⤵
        
        PID:9380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        364⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        365⤵
        
        PID:9408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        366⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        367⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        368⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        369⤵
        
        PID:9460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        370⤵
        
        PID:9476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        371⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        372⤵
        
        PID:9504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        373⤵
        
        PID:9520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        374⤵
        
        PID:9536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        375⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        376⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        377⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        378⤵
        
        PID:9596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        379⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        380⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        381⤵
        
        PID:9636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        382⤵
        
        PID:9652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        383⤵
        
        PID:9664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        384⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        385⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        386⤵
        
        PID:9712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        387⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        388⤵
        
        PID:9744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        389⤵
        
        PID:9760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        390⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        391⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        392⤵
        
        PID:9808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        393⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        394⤵
        
        PID:9836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        395⤵
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        396⤵
        
        PID:9876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        397⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        398⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        399⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        400⤵
        
        PID:9944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        401⤵
        
        PID:9960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        402⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        403⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        404⤵
        
        PID:10000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        405⤵
        
        PID:10012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        406⤵
        
        PID:10032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        407⤵
        
        PID:10044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        408⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        409⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        410⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        411⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        412⤵
        
        PID:10116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        413⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        414⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        415⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        416⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        417⤵
        
        PID:10188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        418⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        419⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        420⤵
        
        PID:8996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        421⤵
        
        PID:10252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        422⤵
        
        PID:10264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        423⤵
        
        PID:10284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        424⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        425⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        426⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        427⤵
        
        PID:10396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        428⤵
        
        PID:10412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        429⤵
        
        PID:10428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        430⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        431⤵
        
        PID:10464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        432⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        433⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        434⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        435⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        436⤵
        
        PID:10540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        437⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        438⤵
        
        PID:10572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        439⤵
        
        PID:10584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        440⤵
        
        PID:10600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        441⤵
        
        PID:10612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        442⤵
        
        PID:10628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        443⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        444⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        445⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        446⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        447⤵
        
        PID:10704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        448⤵
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        449⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        450⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        451⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        452⤵
        
        PID:10772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        453⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        454⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        455⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        456⤵
        
        PID:10820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        457⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        458⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        459⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        460⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        461⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        462⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        463⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        464⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        465⤵
        
        PID:10948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        466⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        467⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        468⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        469⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        470⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        471⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        472⤵
        
        PID:11060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        473⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        474⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        475⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        476⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        477⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        478⤵
        
        PID:11144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        479⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        480⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        481⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        482⤵
        
        PID:11196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        483⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        484⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        485⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        486⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        487⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        488⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        489⤵
        
        PID:11296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        490⤵
        
        PID:11312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        491⤵
        
        PID:11328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        492⤵
        
        PID:11340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        493⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        494⤵
        
        PID:11368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        495⤵
        
        PID:11380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        496⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        497⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        498⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        499⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        500⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        501⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        502⤵
        
        PID:11476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        503⤵
        
        PID:11492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        504⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        505⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        506⤵
        
        PID:11536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        507⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        508⤵
        
        PID:11564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        509⤵
        
        PID:11576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        510⤵
        
        PID:11588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        511⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        512⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        513⤵
        
        PID:11624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        514⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        515⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        516⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        517⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        518⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        519⤵
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        520⤵
        
        PID:11720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        521⤵
        
        PID:11736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        522⤵
        
        PID:11752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        523⤵
        
        PID:11764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        524⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        525⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        526⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        527⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        528⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        529⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        530⤵
        
        PID:11872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        531⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        532⤵
        
        PID:11900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        533⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        534⤵
        
        PID:11932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        535⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        536⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        537⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        538⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        539⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        540⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        541⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        542⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        543⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        544⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        545⤵
        
        PID:12088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        546⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        547⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        548⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        549⤵
        
        PID:12160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        550⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        551⤵
        
        PID:12232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        552⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        553⤵
        
        PID:12272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        554⤵
        
        PID:12296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        555⤵
        
        PID:12316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        556⤵
        
        PID:12328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        557⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        558⤵
        
        PID:12364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        559⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        560⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        561⤵
        
        PID:12404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        562⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        563⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        564⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        565⤵
        
        PID:12460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        566⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        567⤵
        
        PID:12484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        568⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        569⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        570⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        571⤵
        
        PID:12540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        572⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        573⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        574⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        575⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        576⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        577⤵
        
        PID:12632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        578⤵
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        579⤵
        
        PID:12660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        580⤵
        
        PID:12676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        581⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        582⤵
        
        PID:12708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        583⤵
        
        PID:12724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        584⤵
        
        PID:12736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        585⤵
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        586⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        587⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        588⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        589⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        590⤵
        
        PID:12832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        591⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        592⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        593⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        594⤵
        
        PID:12888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        595⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        596⤵
        
        PID:12912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        597⤵
        
        PID:12928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        598⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        599⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        600⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        601⤵
        
        PID:12988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        602⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        603⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        604⤵
        
        PID:13028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        605⤵
        
        PID:13044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        606⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        607⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        608⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        609⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        610⤵
        
        PID:13112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        611⤵
        
        PID:13128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        612⤵
        
        PID:13140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        613⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        614⤵
        
        PID:13168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        615⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        616⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        617⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        618⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        619⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        620⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        621⤵
        
        PID:13272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        622⤵
        
        PID:13288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        623⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        624⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        625⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        626⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        627⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        628⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        629⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        630⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        631⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        632⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        633⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        634⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        635⤵
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        636⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        637⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        638⤵
        
        PID:13460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        639⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        640⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        641⤵
        
        PID:13504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        642⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        643⤵
        
        PID:13532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        644⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        645⤵
        
        PID:13556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        646⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        647⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        648⤵
        
        PID:13604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        649⤵
        
        PID:13620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        650⤵
        
        PID:13640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        651⤵
        
        PID:13652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        652⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        653⤵
        
        PID:13684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        654⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        655⤵
        
        PID:13724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        656⤵
        
        PID:13740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        657⤵
        
        PID:13756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        658⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        659⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        660⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        661⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        662⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        663⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        664⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        665⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        666⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        667⤵
        
        PID:13920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        668⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        669⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        670⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        671⤵
        
        PID:13980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        672⤵
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        673⤵
        
        PID:14008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        674⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        675⤵
        
        PID:14040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        676⤵
        
        PID:14052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        677⤵
        
        PID:14064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        678⤵
        
        PID:14080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        679⤵
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        680⤵
        
        PID:14108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        681⤵
        
        PID:14124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        682⤵
        
        PID:14140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        683⤵
        
        PID:14152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        684⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        685⤵
        
        PID:14180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        686⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        687⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        688⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        689⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        690⤵
        
        PID:14256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        691⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        692⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        693⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        694⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        695⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        696⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        697⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        698⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        699⤵
        
        PID:14352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        700⤵
        
        PID:14364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        701⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        702⤵
        
        PID:14396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        703⤵
        
        PID:14408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        704⤵
        
        PID:14424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        705⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        706⤵
        
        PID:14460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        707⤵
        
        PID:14476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        708⤵
        
        PID:14492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        709⤵
        
        PID:14508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        710⤵
        
        PID:14520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        711⤵
        
        PID:14532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        712⤵
        
        PID:14544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        713⤵
        
        PID:14560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        714⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        715⤵
        
        PID:14584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        716⤵
        
        PID:14596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        717⤵
        
        PID:14608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        718⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        719⤵
        
        PID:14636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        720⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        721⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        722⤵
        
        PID:14672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        723⤵
        
        PID:14684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        724⤵
        
        PID:14696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        725⤵
        
        PID:14712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        726⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        727⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        728⤵
        
        PID:14752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        729⤵
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        730⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        731⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        732⤵
        
        PID:14816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        733⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        734⤵
        
        PID:14844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        735⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        736⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        737⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        738⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        739⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        740⤵
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        741⤵
        
        PID:14940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        742⤵
        
        PID:14956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        743⤵
        
        PID:14968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        744⤵
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        745⤵
        
        PID:15000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        746⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        747⤵
        
        PID:15032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        748⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        749⤵
        
        PID:15064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        750⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        751⤵
        
        PID:15096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        752⤵
        
        PID:15112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        753⤵
        
        PID:15124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        754⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        755⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        756⤵
        
        PID:15168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        757⤵
        
        PID:15184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        758⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        759⤵
        
        PID:15212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        760⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        761⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        762⤵
        
        PID:15256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        763⤵
        
        PID:15272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        764⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        765⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        766⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        767⤵
        
        PID:15328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        768⤵
        
        PID:15344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        769⤵
        
        PID:15356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        770⤵
        
        PID:4848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        771⤵
        
        PID:15364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        772⤵
        
        PID:15380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        773⤵
        
        PID:15392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        774⤵
        
        PID:15408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        775⤵
        
        PID:15424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        776⤵
        
        PID:15440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        777⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        778⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        779⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        780⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        781⤵
        
        PID:15516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        782⤵
        
        PID:15532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        783⤵
        
        PID:15548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        784⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        785⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        786⤵
        
        PID:15592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        787⤵
        
        PID:15608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        788⤵
        
        PID:15624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        789⤵
        
        PID:15640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        790⤵
        
        PID:15664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        791⤵
        
        PID:15676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        792⤵
        
        PID:15688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        793⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        794⤵
        
        PID:15720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        795⤵
        
        PID:15736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        796⤵
        
        PID:15752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        797⤵
        
        PID:15764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        798⤵
        
        PID:15780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        799⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        800⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        801⤵
        
        PID:15832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        802⤵
        
        PID:15848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        803⤵
        
        PID:15864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        804⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        805⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        806⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        807⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        808⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        809⤵
        
        PID:15944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        810⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        811⤵
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        812⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        813⤵
        
        PID:16004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        814⤵
        
        PID:16020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        815⤵
        
        PID:16032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        816⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        817⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        818⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        819⤵
        
        PID:16096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        820⤵
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        821⤵
        
        PID:16128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        822⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        823⤵
        
        PID:16160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        824⤵
        
        PID:16176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        825⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        826⤵
        
        PID:16208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        827⤵
        
        PID:16228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        828⤵
        
        PID:16244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        829⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        830⤵
        
        PID:16268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        831⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        832⤵
        
        PID:16300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        833⤵
        
        PID:16316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        834⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        835⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        836⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        837⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        838⤵
        
        PID:3000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        839⤵
        
        PID:3880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        840⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        841⤵
        
        PID:816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        842⤵
        
        PID:4476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        843⤵
        
        PID:16388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        844⤵
        
        PID:16400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        845⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        846⤵
        
        PID:16428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        847⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        848⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        849⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        850⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        851⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        852⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        853⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        854⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        855⤵
        
        PID:16572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        856⤵
        
        PID:16588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        857⤵
        
        PID:16604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        858⤵
        
        PID:16620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        859⤵
        
        PID:16636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        860⤵
        
        PID:16652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        861⤵
        
        PID:16668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        862⤵
        
        PID:16684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        863⤵
        
        PID:16700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        864⤵
        
        PID:16716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        865⤵
        
        PID:16728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        866⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        867⤵
        
        PID:16764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        868⤵
        
        PID:16776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        869⤵
        
        PID:16792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        870⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        871⤵
        
        PID:16816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        872⤵
        
        PID:16828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        873⤵
        
        PID:16844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        874⤵
        
        PID:16860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        875⤵
        
        PID:16880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        876⤵
        
        PID:16892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        877⤵
        
        PID:16912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        878⤵
        
        PID:16928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        879⤵
        
        PID:16940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        880⤵
        
        PID:16956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        881⤵
        
        PID:16972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        882⤵
        
        PID:16988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        883⤵
        
        PID:17000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        884⤵
        
        PID:17016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        885⤵
        
        PID:17032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        886⤵
        
        PID:17048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        887⤵
        
        PID:17064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\05651921b136aad70e1a7a2fc4c4f633_JaffaCakes118.dll,#1
        888⤵
        
        PID:17080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/17016-0-0x0000000075890000-0x0000000075B14000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads