c3fc26f9bce886bf50d8ba2ae03056e3005e223c62bafea8c3339a6aab08ecf1

Analysis

max time kernel
93s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
08-07-2024 19:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll
Size

165KB
MD5

2d7ccb349178bcf46208adee0140c8a7
SHA1

3a2686c5c7fbd3feb72f9b6fdf2f46022f08b7b0
SHA256

c3fc26f9bce886bf50d8ba2ae03056e3005e223c62bafea8c3339a6aab08ecf1
SHA512

62c4b71a168d092f96153f07349e755f187a3cc7cacf446e3d20f395a39e63f0476294f223b04a895e12275c2c12d1d1d01a4d3191b45dd8333044656aae64e7
SSDEEP

3072:8QkBbkHDzoUiiux3+S0RcNBHca8WpWTyV63p+4DDUUo0moJyOq:NkhkH3qiux3dNoARVcp9DUUdm+yT

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1452 wrote to memory of 644	1452	rundll32.exe	82
PID 1452 wrote to memory of 644	1452	rundll32.exe	82
PID 1452 wrote to memory of 644	1452	rundll32.exe	82
PID 644 wrote to memory of 760	644	rundll32.exe	83
PID 644 wrote to memory of 760	644	rundll32.exe	83
PID 644 wrote to memory of 760	644	rundll32.exe	83
PID 760 wrote to memory of 3692	760	rundll32.exe	84
PID 760 wrote to memory of 3692	760	rundll32.exe	84
PID 760 wrote to memory of 3692	760	rundll32.exe	84
PID 3692 wrote to memory of 1508	3692	rundll32.exe	85
PID 3692 wrote to memory of 1508	3692	rundll32.exe	85
PID 3692 wrote to memory of 1508	3692	rundll32.exe	85
PID 1508 wrote to memory of 4856	1508	rundll32.exe	86
PID 1508 wrote to memory of 4856	1508	rundll32.exe	86
PID 1508 wrote to memory of 4856	1508	rundll32.exe	86
PID 4856 wrote to memory of 1112	4856	rundll32.exe	88
PID 4856 wrote to memory of 1112	4856	rundll32.exe	88
PID 4856 wrote to memory of 1112	4856	rundll32.exe	88
PID 1112 wrote to memory of 4492	1112	rundll32.exe	89
PID 1112 wrote to memory of 4492	1112	rundll32.exe	89
PID 1112 wrote to memory of 4492	1112	rundll32.exe	89
PID 4492 wrote to memory of 1448	4492	rundll32.exe	90
PID 4492 wrote to memory of 1448	4492	rundll32.exe	90
PID 4492 wrote to memory of 1448	4492	rundll32.exe	90
PID 1448 wrote to memory of 1176	1448	rundll32.exe	91
PID 1448 wrote to memory of 1176	1448	rundll32.exe	91
PID 1448 wrote to memory of 1176	1448	rundll32.exe	91
PID 1176 wrote to memory of 2384	1176	rundll32.exe	92
PID 1176 wrote to memory of 2384	1176	rundll32.exe	92
PID 1176 wrote to memory of 2384	1176	rundll32.exe	92
PID 2384 wrote to memory of 1744	2384	rundll32.exe	93
PID 2384 wrote to memory of 1744	2384	rundll32.exe	93
PID 2384 wrote to memory of 1744	2384	rundll32.exe	93
PID 1744 wrote to memory of 640	1744	rundll32.exe	94
PID 1744 wrote to memory of 640	1744	rundll32.exe	94
PID 1744 wrote to memory of 640	1744	rundll32.exe	94
PID 640 wrote to memory of 3348	640	rundll32.exe	95
PID 640 wrote to memory of 3348	640	rundll32.exe	95
PID 640 wrote to memory of 3348	640	rundll32.exe	95
PID 3348 wrote to memory of 1892	3348	rundll32.exe	97
PID 3348 wrote to memory of 1892	3348	rundll32.exe	97
PID 3348 wrote to memory of 1892	3348	rundll32.exe	97
PID 1892 wrote to memory of 3240	1892	rundll32.exe	98
PID 1892 wrote to memory of 3240	1892	rundll32.exe	98
PID 1892 wrote to memory of 3240	1892	rundll32.exe	98
PID 3240 wrote to memory of 4456	3240	rundll32.exe	99
PID 3240 wrote to memory of 4456	3240	rundll32.exe	99
PID 3240 wrote to memory of 4456	3240	rundll32.exe	99
PID 4456 wrote to memory of 1904	4456	rundll32.exe	100
PID 4456 wrote to memory of 1904	4456	rundll32.exe	100
PID 4456 wrote to memory of 1904	4456	rundll32.exe	100
PID 1904 wrote to memory of 4772	1904	rundll32.exe	101
PID 1904 wrote to memory of 4772	1904	rundll32.exe	101
PID 1904 wrote to memory of 4772	1904	rundll32.exe	101
PID 4772 wrote to memory of 4316	4772	rundll32.exe	102
PID 4772 wrote to memory of 4316	4772	rundll32.exe	102
PID 4772 wrote to memory of 4316	4772	rundll32.exe	102
PID 4316 wrote to memory of 3836	4316	rundll32.exe	104
PID 4316 wrote to memory of 3836	4316	rundll32.exe	104
PID 4316 wrote to memory of 3836	4316	rundll32.exe	104
PID 3836 wrote to memory of 4924	3836	rundll32.exe	105
PID 3836 wrote to memory of 4924	3836	rundll32.exe	105
PID 3836 wrote to memory of 4924	3836	rundll32.exe	105
PID 4924 wrote to memory of 2436	4924	rundll32.exe	106

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1452
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:644
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:760
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3692
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:1508
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:4856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:1112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:1448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:1176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:1744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:3348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:1892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:3240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:4456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:1904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:4772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:3836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:4924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        23⤵
        
        PID:2436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        24⤵
        
        PID:3632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        25⤵
        
        PID:744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        26⤵
        
        PID:112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        27⤵
        
        PID:2084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        28⤵
        
        PID:324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        29⤵
        
        PID:4300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        30⤵
        
        PID:2476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        31⤵
        
        PID:228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        32⤵
        
        PID:4596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        33⤵
        
        PID:212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        34⤵
        
        PID:4896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        35⤵
        
        PID:4656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        36⤵
        
        PID:2492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        37⤵
        
        PID:3396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        38⤵
        
        PID:3460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        39⤵
        
        PID:2816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        40⤵
        
        PID:1476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        41⤵
        
        PID:1068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        42⤵
        
        PID:3892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        43⤵
        
        PID:4676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        44⤵
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        45⤵
        
        PID:2276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        46⤵
        
        PID:624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        47⤵
        
        PID:1352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        48⤵
        
        PID:2652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        49⤵
        
        PID:3376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        50⤵
        
        PID:4796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        51⤵
        
        PID:3776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        52⤵
        
        PID:1468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        53⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        54⤵
        
        PID:4864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        55⤵
        
        PID:3292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        56⤵
        
        PID:452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        57⤵
        
        PID:4392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        58⤵
        
        PID:532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        59⤵
        
        PID:2316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        60⤵
        
        PID:4424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        61⤵
        
        PID:3156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        62⤵
        
        PID:932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        63⤵
        
        PID:60
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        64⤵
        
        PID:2740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        65⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        66⤵
        
        PID:1640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        67⤵
        
        PID:1600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        68⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        69⤵
        
        PID:1888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        70⤵
        
        PID:4980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        71⤵
        
        PID:1560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        72⤵
        
        PID:3252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        73⤵
        
        PID:2564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        74⤵
        
        PID:3036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        75⤵
        
        PID:1276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        76⤵
        
        PID:3520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        77⤵
        
        PID:1676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        78⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        79⤵
        
        PID:2000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        80⤵
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        81⤵
        
        PID:1716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        82⤵
        
        PID:2532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        83⤵
        
        PID:4372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        84⤵
        
        PID:1668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        85⤵
        
        PID:1632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        86⤵
        
        PID:2828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        87⤵
        
        PID:4000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        88⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        89⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        90⤵
        
        PID:2272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        91⤵
        
        PID:4612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        92⤵
        
        PID:1240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        93⤵
        
        PID:1836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        94⤵
        
        PID:3392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        95⤵
        
        PID:1912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        96⤵
        
        PID:2984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        97⤵
        
        PID:404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        98⤵
        
        PID:4540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        99⤵
        
        PID:4588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        100⤵
        
        PID:1328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        101⤵
        
        PID:1420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        102⤵
        
        PID:2752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        103⤵
        
        PID:2180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        104⤵
        
        PID:4956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        105⤵
        
        PID:820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        106⤵
        
        PID:3780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        107⤵
        
        PID:3596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        108⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        109⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        110⤵
        
        PID:5148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        111⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        112⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        113⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        114⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        115⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        116⤵
        
        PID:5236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        117⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        118⤵
        
        PID:5268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        119⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        120⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        121⤵
        
        PID:5312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        122⤵
        
        PID:5328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        123⤵
        
        PID:5344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        124⤵
        
        PID:5360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        125⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        126⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        127⤵
        
        PID:5408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        128⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        129⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        130⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        131⤵
        
        PID:5468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        132⤵
        
        PID:5488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        133⤵
        
        PID:5504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        134⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        135⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        136⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        137⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        138⤵
        
        PID:5580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        139⤵
        
        PID:5596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        140⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        141⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        142⤵
        
        PID:5636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        143⤵
        
        PID:5652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        144⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        145⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        146⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        147⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        148⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        149⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        150⤵
        
        PID:5756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        151⤵
        
        PID:5772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        152⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        153⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        154⤵
        
        PID:5812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        155⤵
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        156⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        157⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        158⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        159⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        160⤵
        
        PID:5908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        161⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        162⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        163⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        164⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        165⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        166⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        167⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        168⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        169⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        170⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        171⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        172⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        173⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        174⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        175⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        176⤵
        
        PID:3576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        177⤵
        
        PID:436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        178⤵
        
        PID:4288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        179⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        180⤵
        
        PID:4876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        181⤵
        
        PID:4672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        182⤵
        
        PID:1236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        183⤵
        
        PID:6148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        184⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        185⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        186⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        187⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        188⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        189⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        190⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        191⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        192⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        193⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        194⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        195⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        196⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        197⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        198⤵
        
        PID:6372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        199⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        200⤵
        
        PID:6400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        201⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        202⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        203⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        204⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        205⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        206⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        207⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        208⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        209⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        210⤵
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        211⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        212⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        213⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        214⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        215⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        216⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        217⤵
        
        PID:6660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        218⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        219⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        220⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        221⤵
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        222⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        223⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        224⤵
        
        PID:6764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        225⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        226⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        227⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        228⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        229⤵
        
        PID:6832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        230⤵
        
        PID:6848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        231⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        232⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        233⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        234⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        235⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        236⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        237⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        238⤵
        
        PID:6972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        239⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        240⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        241⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        242⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        243⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        244⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        245⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        246⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        247⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        248⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        249⤵
        
        PID:7148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        250⤵
        
        PID:7164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        251⤵
        
        PID:7184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        252⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        253⤵
        
        PID:7216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        254⤵
        
        PID:7232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        255⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        256⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        257⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        258⤵
        
        PID:7296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        259⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        260⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        261⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        262⤵
        
        PID:7356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        263⤵
        
        PID:7372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        264⤵
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        265⤵
        
        PID:7404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        266⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        267⤵
        
        PID:7432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        268⤵
        
        PID:7448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        269⤵
        
        PID:7460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        270⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        271⤵
        
        PID:7492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        272⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        273⤵
        
        PID:7524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        274⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        275⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        276⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        277⤵
        
        PID:7588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        278⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        279⤵
        
        PID:7620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        280⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        281⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        282⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        283⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        284⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        285⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        286⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        287⤵
        
        PID:7748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        288⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        289⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        290⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        291⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        292⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        293⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        294⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        295⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        296⤵
        
        PID:7892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        297⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        298⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        299⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        300⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        301⤵
        
        PID:7972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        302⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        303⤵
        
        PID:8004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        304⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        305⤵
        
        PID:8028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        306⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        307⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        308⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        309⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        310⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        311⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        312⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        313⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        314⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        315⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        316⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        317⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        318⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        319⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        320⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        321⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        322⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        323⤵
        
        PID:8284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        324⤵
        
        PID:8300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        325⤵
        
        PID:8316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        326⤵
        
        PID:8332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        327⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        328⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        329⤵
        
        PID:8376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        330⤵
        
        PID:8388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        331⤵
        
        PID:8404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        332⤵
        
        PID:8420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        333⤵
        
        PID:8436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        334⤵
        
        PID:8452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        335⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        336⤵
        
        PID:8480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        337⤵
        
        PID:8496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        338⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        339⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        340⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        341⤵
        
        PID:8560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        342⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        343⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        344⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        345⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        346⤵
        
        PID:8640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        347⤵
        
        PID:8656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        348⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        349⤵
        
        PID:8684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        350⤵
        
        PID:8700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        351⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        352⤵
        
        PID:8732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        353⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        354⤵
        
        PID:8760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        355⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        356⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        357⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        358⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        359⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        360⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        361⤵
        
        PID:8860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        362⤵
        
        PID:8876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        363⤵
        
        PID:8892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        364⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        365⤵
        
        PID:8924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        366⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        367⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        368⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        369⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        370⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        371⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        372⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        373⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        374⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        375⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        376⤵
        
        PID:9088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        377⤵
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        378⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        379⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        380⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        381⤵
        
        PID:9168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        382⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        383⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        384⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        385⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        386⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        387⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        388⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        389⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        390⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        391⤵
        
        PID:9316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        392⤵
        
        PID:9332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        393⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        394⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        395⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        396⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        397⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        398⤵
        
        PID:9428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        399⤵
        
        PID:9440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        400⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        401⤵
        
        PID:9472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        402⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        403⤵
        
        PID:9504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        404⤵
        
        PID:9516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        405⤵
        
        PID:9536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        406⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        407⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        408⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        409⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        410⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        411⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        412⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        413⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        414⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        415⤵
        
        PID:9692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        416⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        417⤵
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        418⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        419⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        420⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        421⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        422⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        423⤵
        
        PID:9808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        424⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        425⤵
        
        PID:9836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        426⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        427⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        428⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        429⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        430⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        431⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        432⤵
        
        PID:9944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        433⤵
        
        PID:9960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        434⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        435⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        436⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        437⤵
        
        PID:10016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        438⤵
        
        PID:10032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        439⤵
        
        PID:10044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        440⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        441⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        442⤵
        
        PID:10096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        443⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        444⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        445⤵
        
        PID:10140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        446⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        447⤵
        
        PID:10168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        448⤵
        
        PID:10184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        449⤵
        
        PID:10200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        450⤵
        
        PID:10216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        451⤵
        
        PID:10232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        452⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        453⤵
        
        PID:10264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        454⤵
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        455⤵
        
        PID:10296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        456⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        457⤵
        
        PID:10328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        458⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        459⤵
        
        PID:10356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        460⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        461⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        462⤵
        
        PID:10408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        463⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        464⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        465⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        466⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        467⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        468⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        469⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        470⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        471⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        472⤵
        
        PID:10560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        473⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        474⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        475⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        476⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        477⤵
        
        PID:10640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        478⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        479⤵
        
        PID:10676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        480⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        481⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        482⤵
        
        PID:10724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        483⤵
        
        PID:10740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        484⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        485⤵
        
        PID:10768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        486⤵
        
        PID:10788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        487⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        488⤵
        
        PID:10820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        489⤵
        
        PID:10832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        490⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        491⤵
        
        PID:10864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        492⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        493⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        494⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        495⤵
        
        PID:10924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        496⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        497⤵
        
        PID:10956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        498⤵
        
        PID:10972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        499⤵
        
        PID:10988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        500⤵
        
        PID:11004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        501⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        502⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        503⤵
        
        PID:11048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        504⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        505⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        506⤵
        
        PID:11096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        507⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        508⤵
        
        PID:11124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        509⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        510⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        511⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        512⤵
        
        PID:11188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        513⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        514⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        515⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        516⤵
        
        PID:11248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        517⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        518⤵
        
        PID:11280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        519⤵
        
        PID:11296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        520⤵
        
        PID:11308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        521⤵
        
        PID:11324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        522⤵
        
        PID:11340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        523⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        524⤵
        
        PID:11372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        525⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        526⤵
        
        PID:11400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        527⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        528⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        529⤵
        
        PID:11444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        530⤵
        
        PID:11460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        531⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        532⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        533⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        534⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        535⤵
        
        PID:11544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        536⤵
        
        PID:11556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        537⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        538⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        539⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        540⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        541⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        542⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        543⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        544⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        545⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        546⤵
        
        PID:11708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        547⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        548⤵
        
        PID:11736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        549⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        550⤵
        
        PID:11772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        551⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        552⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        553⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        554⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        555⤵
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        556⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        557⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        558⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        559⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        560⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        561⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        562⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        563⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        564⤵
        
        PID:11988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        565⤵
        
        PID:12000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        566⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        567⤵
        
        PID:12024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        568⤵
        
        PID:12040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        569⤵
        
        PID:12056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        570⤵
        
        PID:12068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        571⤵
        
        PID:12080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        572⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        573⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        574⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        575⤵
        
        PID:12144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        576⤵
        
        PID:12160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        577⤵
        
        PID:12176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        578⤵
        
        PID:12192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        579⤵
        
        PID:12208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        580⤵
        
        PID:12224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        581⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        582⤵
        
        PID:12248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        583⤵
        
        PID:12260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        584⤵
        
        PID:12276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        585⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        586⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        587⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        588⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        589⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        590⤵
        
        PID:12364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        591⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        592⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        593⤵
        
        PID:12412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        594⤵
        
        PID:12424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        595⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        596⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        597⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        598⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        599⤵
        
        PID:12504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        600⤵
        
        PID:12520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        601⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        602⤵
        
        PID:12552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        603⤵
        
        PID:12564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        604⤵
        
        PID:12580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        605⤵
        
        PID:12596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        606⤵
        
        PID:12608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        607⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        608⤵
        
        PID:12644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        609⤵
        
        PID:12660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        610⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        611⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        612⤵
        
        PID:12704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        613⤵
        
        PID:12716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        614⤵
        
        PID:12736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        615⤵
        
        PID:12752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        616⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        617⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        618⤵
        
        PID:12792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        619⤵
        
        PID:12808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        620⤵
        
        PID:12824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        621⤵
        
        PID:12840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        622⤵
        
        PID:12852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        623⤵
        
        PID:12868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        624⤵
        
        PID:12884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        625⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        626⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        627⤵
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        628⤵
        
        PID:12944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        629⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        630⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        631⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        632⤵
        
        PID:12996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        633⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        634⤵
        
        PID:13028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        635⤵
        
        PID:13044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        636⤵
        
        PID:13056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        637⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        638⤵
        
        PID:13088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        639⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        640⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        641⤵
        
        PID:13128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        642⤵
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        643⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        644⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        645⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        646⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        647⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        648⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        649⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        650⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        651⤵
        
        PID:13276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        652⤵
        
        PID:13288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        653⤵
        
        PID:13300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        654⤵
        
        PID:13320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        655⤵
        
        PID:13336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        656⤵
        
        PID:13352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        657⤵
        
        PID:13368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        658⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        659⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        660⤵
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        661⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        662⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        663⤵
        
        PID:13460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        664⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        665⤵
        
        PID:13492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        666⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        667⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        668⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        669⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        670⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        671⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        672⤵
        
        PID:13596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        673⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        674⤵
        
        PID:13624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        675⤵
        
        PID:13640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        676⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        677⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        678⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        679⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        680⤵
        
        PID:13716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        681⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        682⤵
        
        PID:13752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        683⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        684⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        685⤵
        
        PID:13796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        686⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        687⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        688⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        689⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        690⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        691⤵
        
        PID:13892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        692⤵
        
        PID:13904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        693⤵
        
        PID:13920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        694⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        695⤵
        
        PID:13952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        696⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        697⤵
        
        PID:13988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        698⤵
        
        PID:14004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        699⤵
        
        PID:14020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        700⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        701⤵
        
        PID:14048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        702⤵
        
        PID:14064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        703⤵
        
        PID:14080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        704⤵
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        705⤵
        
        PID:14112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        706⤵
        
        PID:14128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        707⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        708⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        709⤵
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        710⤵
        
        PID:14188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        711⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        712⤵
        
        PID:14220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        713⤵
        
        PID:14236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        714⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        715⤵
        
        PID:14264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        716⤵
        
        PID:14280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        717⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        718⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        719⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        720⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        721⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        722⤵
        
        PID:14376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        723⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        724⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        725⤵
        
        PID:14420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        726⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        727⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        728⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        729⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        730⤵
        
        PID:14500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        731⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        732⤵
        
        PID:14532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        733⤵
        
        PID:14544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        734⤵
        
        PID:14560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        735⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        736⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        737⤵
        
        PID:14604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        738⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        739⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        740⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        741⤵
        
        PID:14664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        742⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        743⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        744⤵
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        745⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        746⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        747⤵
        
        PID:14752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        748⤵
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        749⤵
        
        PID:14784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        750⤵
        
        PID:14796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        751⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        752⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        753⤵
        
        PID:14844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        754⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        755⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        756⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        757⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        758⤵
        
        PID:14916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        759⤵
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        760⤵
        
        PID:14940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        761⤵
        
        PID:14956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        762⤵
        
        PID:14972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        763⤵
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        764⤵
        
        PID:15000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        765⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        766⤵
        
        PID:15028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        767⤵
        
        PID:15040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        768⤵
        
        PID:15056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        769⤵
        
        PID:15072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        770⤵
        
        PID:15084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        771⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        772⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        773⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        774⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        775⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        776⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        777⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        778⤵
        
        PID:15212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        779⤵
        
        PID:15224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        780⤵
        
        PID:15240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        781⤵
        
        PID:15256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        782⤵
        
        PID:15272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        783⤵
        
        PID:15284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        784⤵
        
        PID:15300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        785⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        786⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        787⤵
        
        PID:15352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        788⤵
        
        PID:15364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        789⤵
        
        PID:15376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        790⤵
        
        PID:15392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        791⤵
        
        PID:15408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        792⤵
        
        PID:15420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        793⤵
        
        PID:15436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        794⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        795⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        796⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        797⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        798⤵
        
        PID:15512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        799⤵
        
        PID:15528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        800⤵
        
        PID:15544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        801⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        802⤵
        
        PID:15576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        803⤵
        
        PID:15592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        804⤵
        
        PID:15608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        805⤵
        
        PID:15624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        806⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        807⤵
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        808⤵
        
        PID:15672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        809⤵
        
        PID:15688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        810⤵
        
        PID:15704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        811⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        812⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        813⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        814⤵
        
        PID:15768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        815⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        816⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        817⤵
        
        PID:15816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        818⤵
        
        PID:15832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        819⤵
        
        PID:15848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        820⤵
        
        PID:15864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        821⤵
        
        PID:15880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        822⤵
        
        PID:15896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        823⤵
        
        PID:15912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        824⤵
        
        PID:15924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        825⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        826⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        827⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        828⤵
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        829⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        830⤵
        
        PID:16008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        831⤵
        
        PID:16020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        832⤵
        
        PID:16036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        833⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        834⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        835⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        836⤵
        
        PID:16096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        837⤵
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        838⤵
        
        PID:16128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        839⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        840⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        841⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        842⤵
        
        PID:16180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        843⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        844⤵
        
        PID:16204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        845⤵
        
        PID:16220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        846⤵
        
        PID:16236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        847⤵
        
        PID:16252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        848⤵
        
        PID:16264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        849⤵
        
        PID:16280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        850⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        851⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        852⤵
        
        PID:16328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        853⤵
        
        PID:16344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        854⤵
        
        PID:16360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        855⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        856⤵
        
        PID:3620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        857⤵
        
        PID:2408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        858⤵
        
        PID:16388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        859⤵
        
        PID:16404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        860⤵
        
        PID:16416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        861⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        862⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        863⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        864⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        865⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        866⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        867⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        868⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        869⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        870⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        871⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        872⤵
        
        PID:16608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        873⤵
        
        PID:16620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        874⤵
        
        PID:16636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        875⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        876⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        877⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        878⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        879⤵
        
        PID:16716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        880⤵
        
        PID:16732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        881⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        882⤵
        
        PID:16764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        883⤵
        
        PID:16776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        884⤵
        
        PID:16788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        885⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        886⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        887⤵
        
        PID:16832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        888⤵
        
        PID:16848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        889⤵
        
        PID:16864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d7ccb349178bcf46208adee0140c8a7_JaffaCakes118.dll,#1
        890⤵
        
        PID:16880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16788-3-0x0000000075260000-0x00000000754E4000-memory.dmp

Filesize
2.5MB

Download
memory/16804-2-0x0000000075260000-0x00000000754E4000-memory.dmp

Filesize
2.5MB

Download
memory/16820-1-0x0000000075260000-0x00000000754E4000-memory.dmp

Filesize
2.5MB

Download
memory/16832-0-0x0000000075260000-0x00000000754E4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads