8eca6e28e5369a6be0d1af9bcb0b91dc6435fea91288394a23b6af2726e66be1

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27-06-2024 05:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll
Size

122KB
MD5

14ceeeabeb4263ec7834669333df8bd7
SHA1

6bcfd12e662dce5b02f560b41a050b36e55af03e
SHA256

8eca6e28e5369a6be0d1af9bcb0b91dc6435fea91288394a23b6af2726e66be1
SHA512

743ae949f3fdd249c39c385965516678a58bc948f675fdec3780eafe1b0ac12619ea81890446669ce2b51eec9b80c86c7ad45e8a8b5e2331256cee07f46e152f
SSDEEP

3072:rWpByHvCDO7s+4hA94G6lfEXpHNihDgB9r1SxhLpV:6yPCa7s+4694TlM5HwDgB9r1S1V

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\22\52C64B7E	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	14236	dwm.exe
Token: SeChangeNotifyPrivilege	14236	dwm.exe
Token: 33	14236	dwm.exe
Token: SeIncBasePriorityPrivilege	14236	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 4860	2116	rundll32.exe	91
PID 2116 wrote to memory of 4860	2116	rundll32.exe	91
PID 2116 wrote to memory of 4860	2116	rundll32.exe	91
PID 4860 wrote to memory of 660	4860	rundll32.exe	92
PID 4860 wrote to memory of 660	4860	rundll32.exe	92
PID 4860 wrote to memory of 660	4860	rundll32.exe	92
PID 660 wrote to memory of 1032	660	rundll32.exe	93
PID 660 wrote to memory of 1032	660	rundll32.exe	93
PID 660 wrote to memory of 1032	660	rundll32.exe	93
PID 1032 wrote to memory of 3868	1032	rundll32.exe	94
PID 1032 wrote to memory of 3868	1032	rundll32.exe	94
PID 1032 wrote to memory of 3868	1032	rundll32.exe	94
PID 3868 wrote to memory of 3428	3868	rundll32.exe	95
PID 3868 wrote to memory of 3428	3868	rundll32.exe	95
PID 3868 wrote to memory of 3428	3868	rundll32.exe	95
PID 3428 wrote to memory of 3068	3428	rundll32.exe	96
PID 3428 wrote to memory of 3068	3428	rundll32.exe	96
PID 3428 wrote to memory of 3068	3428	rundll32.exe	96
PID 3068 wrote to memory of 4556	3068	rundll32.exe	97
PID 3068 wrote to memory of 4556	3068	rundll32.exe	97
PID 3068 wrote to memory of 4556	3068	rundll32.exe	97
PID 4556 wrote to memory of 2296	4556	rundll32.exe	98
PID 4556 wrote to memory of 2296	4556	rundll32.exe	98
PID 4556 wrote to memory of 2296	4556	rundll32.exe	98
PID 2296 wrote to memory of 4720	2296	rundll32.exe	99
PID 2296 wrote to memory of 4720	2296	rundll32.exe	99
PID 2296 wrote to memory of 4720	2296	rundll32.exe	99
PID 4720 wrote to memory of 4080	4720	rundll32.exe	100
PID 4720 wrote to memory of 4080	4720	rundll32.exe	100
PID 4720 wrote to memory of 4080	4720	rundll32.exe	100
PID 4080 wrote to memory of 4924	4080	rundll32.exe	101
PID 4080 wrote to memory of 4924	4080	rundll32.exe	101
PID 4080 wrote to memory of 4924	4080	rundll32.exe	101
PID 4924 wrote to memory of 4160	4924	rundll32.exe	102
PID 4924 wrote to memory of 4160	4924	rundll32.exe	102
PID 4924 wrote to memory of 4160	4924	rundll32.exe	102
PID 4160 wrote to memory of 1052	4160	rundll32.exe	103
PID 4160 wrote to memory of 1052	4160	rundll32.exe	103
PID 4160 wrote to memory of 1052	4160	rundll32.exe	103
PID 1052 wrote to memory of 3828	1052	rundll32.exe	104
PID 1052 wrote to memory of 3828	1052	rundll32.exe	104
PID 1052 wrote to memory of 3828	1052	rundll32.exe	104
PID 3828 wrote to memory of 3992	3828	rundll32.exe	105
PID 3828 wrote to memory of 3992	3828	rundll32.exe	105
PID 3828 wrote to memory of 3992	3828	rundll32.exe	105
PID 3992 wrote to memory of 2340	3992	rundll32.exe	106
PID 3992 wrote to memory of 2340	3992	rundll32.exe	106
PID 3992 wrote to memory of 2340	3992	rundll32.exe	106
PID 2340 wrote to memory of 4640	2340	rundll32.exe	107
PID 2340 wrote to memory of 4640	2340	rundll32.exe	107
PID 2340 wrote to memory of 4640	2340	rundll32.exe	107
PID 4640 wrote to memory of 3624	4640	rundll32.exe	108
PID 4640 wrote to memory of 3624	4640	rundll32.exe	108
PID 4640 wrote to memory of 3624	4640	rundll32.exe	108
PID 3624 wrote to memory of 4012	3624	rundll32.exe	109
PID 3624 wrote to memory of 4012	3624	rundll32.exe	109
PID 3624 wrote to memory of 4012	3624	rundll32.exe	109
PID 4012 wrote to memory of 3452	4012	rundll32.exe	110
PID 4012 wrote to memory of 3452	4012	rundll32.exe	110
PID 4012 wrote to memory of 3452	4012	rundll32.exe	110
PID 3452 wrote to memory of 4352	3452	rundll32.exe	111
PID 3452 wrote to memory of 4352	3452	rundll32.exe	111
PID 3452 wrote to memory of 4352	3452	rundll32.exe	111
PID 4352 wrote to memory of 3636	4352	rundll32.exe	112

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4860
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:660
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1032
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3868
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:2296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:4720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:4080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:3992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:2340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:4640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:3452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:4352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        23⤵
        
        PID:3636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        24⤵
        
        PID:116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        25⤵
        
        PID:112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        26⤵
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        27⤵
        
        PID:1216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        28⤵
        
        PID:3316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        29⤵
        
        PID:1824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        30⤵
        
        PID:4472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        31⤵
        
        PID:4912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        32⤵
        
        PID:1772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        33⤵
        
        PID:5044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        34⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        35⤵
        
        PID:900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        36⤵
        
        PID:3336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        37⤵
        
        PID:2524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        38⤵
        
        PID:1280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        39⤵
        
        PID:1484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        40⤵
        
        PID:2476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        41⤵
        
        PID:1464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        42⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        43⤵
        
        PID:3324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        44⤵
        
        PID:548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        45⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        46⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        47⤵
        
        PID:3436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        48⤵
        
        PID:2512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        49⤵
        
        PID:4616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        50⤵
        
        PID:2376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        51⤵
        
        PID:3484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        52⤵
        
        PID:1652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        53⤵
        
        PID:2968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        54⤵
        
        PID:2964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        55⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        56⤵
        
        PID:3096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        57⤵
        
        PID:4996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        58⤵
        
        PID:3464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        59⤵
        
        PID:4044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        60⤵
        
        PID:5068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        61⤵
        
        PID:4848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        62⤵
        
        PID:3864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        63⤵
        
        PID:2092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        64⤵
        
        PID:5020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        65⤵
        
        PID:3948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        66⤵
        
        PID:2232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        67⤵
        
        PID:4980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        68⤵
        
        PID:4576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        69⤵
        
        PID:2276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        70⤵
        
        PID:688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        71⤵
        
        PID:1156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        72⤵
        
        PID:4900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        73⤵
        
        PID:3764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        74⤵
        
        PID:2168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        75⤵
        
        PID:2700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        76⤵
        
        PID:956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        77⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        78⤵
        
        PID:3688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        79⤵
        
        PID:4284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        80⤵
        
        PID:4712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        81⤵
        
        PID:832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        82⤵
        
        PID:1404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        83⤵
        
        PID:4116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        84⤵
        
        PID:4444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        85⤵
        
        PID:2444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        86⤵
        
        PID:5056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        87⤵
        
        PID:4064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        88⤵
        
        PID:3672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        89⤵
        
        PID:1456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        90⤵
        
        PID:3792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        91⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        92⤵
        
        PID:2064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        93⤵
        
        PID:4052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        94⤵
        
        PID:5128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        95⤵
        
        PID:5140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        96⤵
        
        PID:5156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        97⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        98⤵
        
        PID:5188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        99⤵
        
        PID:5204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        100⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        101⤵
        
        PID:5236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        102⤵
        
        PID:5252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        103⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        104⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        105⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        106⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        107⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        108⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        109⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        110⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        111⤵
        
        PID:5380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        112⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        113⤵
        
        PID:5404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        114⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        115⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        116⤵
        
        PID:5444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        117⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        118⤵
        
        PID:5472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        119⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        120⤵
        
        PID:5500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        121⤵
        
        PID:5512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        122⤵
        
        PID:5528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        123⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        124⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        125⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        126⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        127⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        128⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        129⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        130⤵
        
        PID:5636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        131⤵
        
        PID:5648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        132⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        133⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        134⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        135⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        136⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        137⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        138⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        139⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        140⤵
        
        PID:5764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        141⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        142⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        143⤵
        
        PID:5804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        144⤵
        
        PID:5820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        145⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        146⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        147⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        148⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        149⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        150⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        151⤵
        
        PID:5924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        152⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        153⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        154⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        155⤵
        
        PID:5996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        156⤵
        
        PID:6012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        157⤵
        
        PID:6028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        158⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        159⤵
        
        PID:6060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        160⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        161⤵
        
        PID:6092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        162⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        163⤵
        
        PID:6120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        164⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        165⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        166⤵
        
        PID:3880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        167⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        168⤵
        
        PID:6148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        169⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        170⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        171⤵
        
        PID:6232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        172⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        173⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        174⤵
        
        PID:6276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        175⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        176⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        177⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        178⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        179⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        180⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        181⤵
        
        PID:6388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        182⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        183⤵
        
        PID:6416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        184⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        185⤵
        
        PID:6460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        186⤵
        
        PID:6480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        187⤵
        
        PID:6492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        188⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        189⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        190⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        191⤵
        
        PID:6568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        192⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        193⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        194⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        195⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        196⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        197⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        198⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        199⤵
        
        PID:6668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        200⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        201⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        202⤵
        
        PID:6704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        203⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        204⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        205⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        206⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        207⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        208⤵
        
        PID:6840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        209⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        210⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        211⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        212⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        213⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        214⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        215⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        216⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        217⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        218⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        219⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        220⤵
        
        PID:7096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        221⤵
        
        PID:7108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        222⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        223⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        224⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        225⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        226⤵
        
        PID:4872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        227⤵
        
        PID:2896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        228⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        229⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        230⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        231⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        232⤵
        
        PID:7268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        233⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        234⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        235⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        236⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        237⤵
        
        PID:7336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        238⤵
        
        PID:7348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        239⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        240⤵
        
        PID:7372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        241⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        242⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        243⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        244⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        245⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        246⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        247⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        248⤵
        
        PID:7492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        249⤵
        
        PID:7504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        250⤵
        
        PID:7516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        251⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        252⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        253⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        254⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        255⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        256⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        257⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        258⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        259⤵
        
        PID:7672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        260⤵
        
        PID:7688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        261⤵
        
        PID:7704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        262⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        263⤵
        
        PID:7736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        264⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        265⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        266⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        267⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        268⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        269⤵
        
        PID:7828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        270⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        271⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        272⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        273⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        274⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        275⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        276⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        277⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        278⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        279⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        280⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        281⤵
        
        PID:8000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        282⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        283⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        284⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        285⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        286⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        287⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        288⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        289⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        290⤵
        
        PID:8120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        291⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        292⤵
        
        PID:8152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        293⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        294⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        295⤵
        
        PID:8188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        296⤵
        
        PID:7416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        297⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        298⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        299⤵
        
        PID:8224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        300⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        301⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        302⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        303⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        304⤵
        
        PID:8324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        305⤵
        
        PID:8356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        306⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        307⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        308⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        309⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        310⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        311⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        312⤵
        
        PID:8580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        313⤵
        
        PID:8596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        314⤵
        
        PID:8612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        315⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        316⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        317⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        318⤵
        
        PID:8700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        319⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        320⤵
        
        PID:8732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        321⤵
        
        PID:8748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        322⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        323⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        324⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        325⤵
        
        PID:8820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        326⤵
        
        PID:8840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        327⤵
        
        PID:8856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        328⤵
        
        PID:8868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        329⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        330⤵
        
        PID:8904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        331⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        332⤵
        
        PID:8932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        333⤵
        
        PID:8944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        334⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        335⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        336⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        337⤵
        
        PID:9004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        338⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        339⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        340⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        341⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        342⤵
        
        PID:9080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        343⤵
        
        PID:9100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        344⤵
        
        PID:9116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        345⤵
        
        PID:9128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        346⤵
        
        PID:9144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        347⤵
        
        PID:9164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        348⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        349⤵
        
        PID:9196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        350⤵
        
        PID:1000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        351⤵
        
        PID:3136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        352⤵
        
        PID:736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        353⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        354⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        355⤵
        
        PID:9244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        356⤵
        
        PID:9264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        357⤵
        
        PID:9284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        358⤵
        
        PID:9324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        359⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        360⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        361⤵
        
        PID:9380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        362⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        363⤵
        
        PID:9404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        364⤵
        
        PID:9420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        365⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        366⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        367⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        368⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        369⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        370⤵
        
        PID:9544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        371⤵
        
        PID:9560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        372⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        373⤵
        
        PID:9592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        374⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        375⤵
        
        PID:9620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        376⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        377⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        378⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        379⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        380⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        381⤵
        
        PID:9700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        382⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        383⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        384⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        385⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        386⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        387⤵
        
        PID:9788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        388⤵
        
        PID:9800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        389⤵
        
        PID:9816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        390⤵
        
        PID:9828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        391⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        392⤵
        
        PID:9860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        393⤵
        
        PID:9876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        394⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        395⤵
        
        PID:9900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        396⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        397⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        398⤵
        
        PID:9936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        399⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        400⤵
        
        PID:9960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        401⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        402⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        403⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        404⤵
        
        PID:10016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        405⤵
        
        PID:10028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        406⤵
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        407⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        408⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        409⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        410⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        411⤵
        
        PID:10108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        412⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        413⤵
        
        PID:10140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        414⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        415⤵
        
        PID:10168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        416⤵
        
        PID:10184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        417⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        418⤵
        
        PID:10212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        419⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        420⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        421⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        422⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        423⤵
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        424⤵
        
        PID:6224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        425⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        426⤵
        
        PID:6216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        427⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        428⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        429⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        430⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        431⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        432⤵
        
        PID:10276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        433⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        434⤵
        
        PID:10328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        435⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        436⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        437⤵
        
        PID:10372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        438⤵
        
        PID:10384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        439⤵
        
        PID:10400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        440⤵
        
        PID:10412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        441⤵
        
        PID:10428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        442⤵
        
        PID:10444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        443⤵
        
        PID:10460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        444⤵
        
        PID:10476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        445⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        446⤵
        
        PID:10508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        447⤵
        
        PID:10520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        448⤵
        
        PID:10536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        449⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        450⤵
        
        PID:10560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        451⤵
        
        PID:10584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        452⤵
        
        PID:10600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        453⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        454⤵
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        455⤵
        
        PID:10652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        456⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        457⤵
        
        PID:10676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        458⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        459⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        460⤵
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        461⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        462⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        463⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        464⤵
        
        PID:10772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        465⤵
        
        PID:10788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        466⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        467⤵
        
        PID:10816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        468⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        469⤵
        
        PID:10852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        470⤵
        
        PID:10864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        471⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        472⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        473⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        474⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        475⤵
        
        PID:10928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        476⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        477⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        478⤵
        
        PID:10976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        479⤵
        
        PID:10988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        480⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        481⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        482⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        483⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        484⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        485⤵
        
        PID:11068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        486⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        487⤵
        
        PID:11096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        488⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        489⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        490⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        491⤵
        
        PID:11152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        492⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        493⤵
        
        PID:11180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        494⤵
        
        PID:11196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        495⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        496⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        497⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        498⤵
        
        PID:11248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        499⤵
        
        PID:11260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        500⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        501⤵
        
        PID:4300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        502⤵
        
        PID:3640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        503⤵
        
        PID:792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        504⤵
        
        PID:2456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        505⤵
        
        PID:3212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        506⤵
        
        PID:1204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        507⤵
        
        PID:2756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        508⤵
        
        PID:1792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        509⤵
        
        PID:4056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        510⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        511⤵
        
        PID:4664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        512⤵
        
        PID:4076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        513⤵
        
        PID:32
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        514⤵
        
        PID:2760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        515⤵
        
        PID:1084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        516⤵
        
        PID:1124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        517⤵
        
        PID:992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        518⤵
        
        PID:4544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        519⤵
        
        PID:1116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        520⤵
        
        PID:2980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        521⤵
        
        PID:3100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        522⤵
        
        PID:2164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        523⤵
        
        PID:896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        524⤵
        
        PID:3528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        525⤵
        
        PID:3396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        526⤵
        
        PID:11036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        527⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        528⤵
        
        PID:3508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        529⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        530⤵
        
        PID:2304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        531⤵
        
        PID:3668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        532⤵
        
        PID:4164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        533⤵
        
        PID:4768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        534⤵
        
        PID:1044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        535⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        536⤵
        
        PID:3552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        537⤵
        
        PID:3904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        538⤵
        
        PID:3940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        539⤵
        
        PID:1564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        540⤵
        
        PID:2772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        541⤵
        
        PID:4108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        542⤵
        
        PID:4356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        543⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        544⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        545⤵
        
        PID:4456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        546⤵
        
        PID:3372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        547⤵
        
        PID:1264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        548⤵
        
        PID:5084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        549⤵
        
        PID:1720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        550⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        551⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        552⤵
        
        PID:5220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        553⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        554⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        555⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        556⤵
        
        PID:11276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        557⤵
        
        PID:11292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        558⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        559⤵
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        560⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        561⤵
        
        PID:11344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        562⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        563⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        564⤵
        
        PID:11392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        565⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        566⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        567⤵
        
        PID:11432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        568⤵
        
        PID:11448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        569⤵
        
        PID:11460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        570⤵
        
        PID:11476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        571⤵
        
        PID:11488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        572⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        573⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        574⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        575⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        576⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        577⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        578⤵
        
        PID:11624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        579⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        580⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        581⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        582⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        583⤵
        
        PID:11696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        584⤵
        
        PID:11708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        585⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        586⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        587⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        588⤵
        
        PID:11772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        589⤵
        
        PID:11784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        590⤵
        
        PID:11796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        591⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        592⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        593⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        594⤵
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        595⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        596⤵
        
        PID:11876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        597⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        598⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        599⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        600⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        601⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        602⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        603⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        604⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        605⤵
        
        PID:12008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        606⤵
        
        PID:12020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        607⤵
        
        PID:12032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        608⤵
        
        PID:12048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        609⤵
        
        PID:12064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        610⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        611⤵
        
        PID:12088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        612⤵
        
        PID:12104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        613⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        614⤵
        
        PID:12132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        615⤵
        
        PID:12144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        616⤵
        
        PID:12160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        617⤵
        
        PID:12176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        618⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        619⤵
        
        PID:12200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        620⤵
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        621⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        622⤵
        
        PID:12240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        623⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        624⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        625⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        626⤵
        
        PID:5316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        627⤵
        
        PID:5348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        628⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        629⤵
        
        PID:5412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        630⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        631⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        632⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        633⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        634⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        635⤵
        
        PID:5580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        636⤵
        
        PID:5596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        637⤵
        
        PID:5620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        638⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        639⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        640⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        641⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        642⤵
        
        PID:824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        643⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        644⤵
        
        PID:5856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        645⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        646⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        647⤵
        
        PID:5940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        648⤵
        
        PID:5956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        649⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        650⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        651⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        652⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        653⤵
        
        PID:4200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        654⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        655⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        656⤵
        
        PID:5952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        657⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        658⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        659⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        660⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        661⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        662⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        663⤵
        
        PID:12248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        664⤵
        
        PID:6476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        665⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        666⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        667⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        668⤵
        
        PID:6640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        669⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        670⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        671⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        672⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        673⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        674⤵
        
        PID:6888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        675⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        676⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        677⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        678⤵
        
        PID:7052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        679⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        680⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        681⤵
        
        PID:4972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        682⤵
        
        PID:12296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        683⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        684⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        685⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        686⤵
        
        PID:12344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        687⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        688⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        689⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        690⤵
        
        PID:12400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        691⤵
        
        PID:12412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        692⤵
        
        PID:12428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        693⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        694⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        695⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        696⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        697⤵
        
        PID:12492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        698⤵
        
        PID:12504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        699⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        700⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        701⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        702⤵
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        703⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        704⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        705⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        706⤵
        
        PID:12612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        707⤵
        
        PID:12624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        708⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        709⤵
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        710⤵
        
        PID:12660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        711⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        712⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        713⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        714⤵
        
        PID:12708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        715⤵
        
        PID:12724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        716⤵
        
        PID:12736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        717⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        718⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        719⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        720⤵
        
        PID:12784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        721⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        722⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        723⤵
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        724⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        725⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        726⤵
        
        PID:12868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        727⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        728⤵
        
        PID:12896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        729⤵
        
        PID:12908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        730⤵
        
        PID:12920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        731⤵
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        732⤵
        
        PID:12944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        733⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        734⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        735⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        736⤵
        
        PID:12996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        737⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        738⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        739⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        740⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        741⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        742⤵
        
        PID:13076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        743⤵
        
        PID:13088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        744⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        745⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        746⤵
        
        PID:13128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        747⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        748⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        749⤵
        
        PID:13168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        750⤵
        
        PID:13180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        751⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        752⤵
        
        PID:13204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        753⤵
        
        PID:13216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        754⤵
        
        PID:13228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        755⤵
        
        PID:13240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        756⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        757⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        758⤵
        
        PID:13276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        759⤵
        
        PID:13296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        760⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        761⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        762⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        763⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        764⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        765⤵
        
        PID:7356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        766⤵
        
        PID:7392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        767⤵
        
        PID:7432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        768⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        769⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        770⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        771⤵
        
        PID:7552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        772⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        773⤵
        
        PID:7644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        774⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        775⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        776⤵
        
        PID:7748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        777⤵
        
        PID:7780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        778⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        779⤵
        
        PID:7852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        780⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        781⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        782⤵
        
        PID:7944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        783⤵
        
        PID:7972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        784⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        785⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        786⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        787⤵
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        788⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        789⤵
        
        PID:13044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        790⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        791⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        792⤵
        
        PID:8232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        793⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        794⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        795⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        796⤵
        
        PID:452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        797⤵
        
        PID:8452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        798⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        799⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        800⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        801⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        802⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        803⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        804⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        805⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        806⤵
        
        PID:8876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        807⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        808⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        809⤵
        
        PID:8928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        810⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        811⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        812⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        813⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        814⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        815⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        816⤵
        
        PID:9124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        817⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        818⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        819⤵
        
        PID:8280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        820⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        821⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        822⤵
        
        PID:8508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        823⤵
        
        PID:9364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        824⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        825⤵
        
        PID:9428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        826⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        827⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        828⤵
        
        PID:9500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        829⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        830⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        831⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        832⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        833⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        834⤵
        
        PID:13316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        835⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        836⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        837⤵
        
        PID:13360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        838⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        839⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        840⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        841⤵
        
        PID:13412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        842⤵
        
        PID:13424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        843⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        844⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        845⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        846⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        847⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        848⤵
        
        PID:13500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        849⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        850⤵
        
        PID:13524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        851⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        852⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        853⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        854⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        855⤵
        
        PID:13588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        856⤵
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        857⤵
        
        PID:13612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        858⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        859⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        860⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        861⤵
        
        PID:13668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        862⤵
        
        PID:13680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        863⤵
        
        PID:13696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        864⤵
        
        PID:13708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        865⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        866⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        867⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        868⤵
        
        PID:13756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        869⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        870⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        871⤵
        
        PID:13796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        872⤵
        
        PID:13808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        873⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        874⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        875⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        876⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        877⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        878⤵
        
        PID:13892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        879⤵
        
        PID:13904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        880⤵
        
        PID:13916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        881⤵
        
        PID:13928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        882⤵
        
        PID:13940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\14ceeeabeb4263ec7834669333df8bd7_JaffaCakes118.dll,#1
        883⤵
        
        PID:13960

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1412 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:8
1⤵
PID:11520

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:14236

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/13916-1-0x0000000075940000-0x0000000075BC4000-memory.dmp

Filesize
2.5MB

Download
memory/13928-0-0x0000000075940000-0x0000000075BC4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads