416d0a61dcdf599800dc4529501379ac67b86bc5e9f4f12e4c33bd052e8cfbf7

Analysis

max time kernel
130s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 04:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll
Size

104KB
MD5

2f0068df368cb6ba4ee840dec59ecaf9
SHA1

61e827f091da099cfc2c66e788b97ac56db5c609
SHA256

416d0a61dcdf599800dc4529501379ac67b86bc5e9f4f12e4c33bd052e8cfbf7
SHA512

70e46dcbac6dccc79f57ff1adb1b20a52973c62f8f67de6ca412a061cea11f6fa4a2b1915c848ce70030116a3a75957610c496be6f9a9ad82a8e336291de42d3
SSDEEP

1536:07qru/RzWj9LXNxDvtmgMbFuovfIR38mHY1/JRBju7p5KWhVcEtYEWYzQRg:FipzWj9LX/Ag0FuBsm4a7p5/YEWYzQRg

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5036 wrote to memory of 4576	5036	rundll32.exe	89
PID 5036 wrote to memory of 4576	5036	rundll32.exe	89
PID 5036 wrote to memory of 4576	5036	rundll32.exe	89
PID 4576 wrote to memory of 5108	4576	rundll32.exe	90
PID 4576 wrote to memory of 5108	4576	rundll32.exe	90
PID 4576 wrote to memory of 5108	4576	rundll32.exe	90
PID 5108 wrote to memory of 4876	5108	rundll32.exe	91
PID 5108 wrote to memory of 4876	5108	rundll32.exe	91
PID 5108 wrote to memory of 4876	5108	rundll32.exe	91
PID 4876 wrote to memory of 3216	4876	rundll32.exe	92
PID 4876 wrote to memory of 3216	4876	rundll32.exe	92
PID 4876 wrote to memory of 3216	4876	rundll32.exe	92
PID 3216 wrote to memory of 3964	3216	rundll32.exe	93
PID 3216 wrote to memory of 3964	3216	rundll32.exe	93
PID 3216 wrote to memory of 3964	3216	rundll32.exe	93
PID 3964 wrote to memory of 2072	3964	rundll32.exe	94
PID 3964 wrote to memory of 2072	3964	rundll32.exe	94
PID 3964 wrote to memory of 2072	3964	rundll32.exe	94
PID 2072 wrote to memory of 4056	2072	rundll32.exe	95
PID 2072 wrote to memory of 4056	2072	rundll32.exe	95
PID 2072 wrote to memory of 4056	2072	rundll32.exe	95
PID 4056 wrote to memory of 4632	4056	rundll32.exe	96
PID 4056 wrote to memory of 4632	4056	rundll32.exe	96
PID 4056 wrote to memory of 4632	4056	rundll32.exe	96
PID 4632 wrote to memory of 2112	4632	rundll32.exe	97
PID 4632 wrote to memory of 2112	4632	rundll32.exe	97
PID 4632 wrote to memory of 2112	4632	rundll32.exe	97
PID 2112 wrote to memory of 3236	2112	rundll32.exe	98
PID 2112 wrote to memory of 3236	2112	rundll32.exe	98
PID 2112 wrote to memory of 3236	2112	rundll32.exe	98
PID 3236 wrote to memory of 4268	3236	rundll32.exe	99
PID 3236 wrote to memory of 4268	3236	rundll32.exe	99
PID 3236 wrote to memory of 4268	3236	rundll32.exe	99
PID 4268 wrote to memory of 4976	4268	rundll32.exe	101
PID 4268 wrote to memory of 4976	4268	rundll32.exe	101
PID 4268 wrote to memory of 4976	4268	rundll32.exe	101
PID 4976 wrote to memory of 2388	4976	rundll32.exe	102
PID 4976 wrote to memory of 2388	4976	rundll32.exe	102
PID 4976 wrote to memory of 2388	4976	rundll32.exe	102
PID 2388 wrote to memory of 4144	2388	rundll32.exe	103
PID 2388 wrote to memory of 4144	2388	rundll32.exe	103
PID 2388 wrote to memory of 4144	2388	rundll32.exe	103
PID 4144 wrote to memory of 4372	4144	rundll32.exe	104
PID 4144 wrote to memory of 4372	4144	rundll32.exe	104
PID 4144 wrote to memory of 4372	4144	rundll32.exe	104
PID 4372 wrote to memory of 4028	4372	rundll32.exe	105
PID 4372 wrote to memory of 4028	4372	rundll32.exe	105
PID 4372 wrote to memory of 4028	4372	rundll32.exe	105
PID 4028 wrote to memory of 796	4028	rundll32.exe	106
PID 4028 wrote to memory of 796	4028	rundll32.exe	106
PID 4028 wrote to memory of 796	4028	rundll32.exe	106
PID 796 wrote to memory of 3876	796	rundll32.exe	107
PID 796 wrote to memory of 3876	796	rundll32.exe	107
PID 796 wrote to memory of 3876	796	rundll32.exe	107
PID 3876 wrote to memory of 4080	3876	rundll32.exe	109
PID 3876 wrote to memory of 4080	3876	rundll32.exe	109
PID 3876 wrote to memory of 4080	3876	rundll32.exe	109
PID 4080 wrote to memory of 768	4080	rundll32.exe	110
PID 4080 wrote to memory of 768	4080	rundll32.exe	110
PID 4080 wrote to memory of 768	4080	rundll32.exe	110
PID 768 wrote to memory of 1512	768	rundll32.exe	111
PID 768 wrote to memory of 1512	768	rundll32.exe	111
PID 768 wrote to memory of 1512	768	rundll32.exe	111
PID 1512 wrote to memory of 4484	1512	rundll32.exe	112

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:5036
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4576
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:5108
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4876
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3216
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:2072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:4632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:4144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:4372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:4028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:1512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        23⤵
        
        PID:4484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        24⤵
        
        PID:4752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        25⤵
        
        PID:4608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        26⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        27⤵
        
        PID:4076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        28⤵
        
        PID:1688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        29⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        30⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        31⤵
        
        PID:3880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        32⤵
        
        PID:3932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        33⤵
        
        PID:2188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        34⤵
        
        PID:2904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        35⤵
        
        PID:3600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        36⤵
        
        PID:1800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        37⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        38⤵
        
        PID:4640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        39⤵
        
        PID:4620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        40⤵
        
        PID:2864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        41⤵
        
        PID:1168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        42⤵
        
        PID:1420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        43⤵
        
        PID:456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        44⤵
        
        PID:3028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        45⤵
        
        PID:4828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        46⤵
        
        PID:1428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        47⤵
        
        PID:2196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        48⤵
        
        PID:4280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        49⤵
        
        PID:3824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        50⤵
        
        PID:1344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        51⤵
        
        PID:3940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        52⤵
        
        PID:872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        53⤵
        
        PID:4416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        54⤵
        
        PID:5068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        55⤵
        
        PID:3900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        56⤵
        
        PID:4644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        57⤵
        
        PID:976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        58⤵
        
        PID:4272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        59⤵
        
        PID:4764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        60⤵
        
        PID:4836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        61⤵
        
        PID:3088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        62⤵
        
        PID:4476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        63⤵
        
        PID:1500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        64⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        65⤵
        
        PID:3464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        66⤵
        
        PID:4856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        67⤵
        
        PID:1312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        68⤵
        
        PID:1600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        69⤵
        
        PID:4388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        70⤵
        
        PID:4488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        71⤵
        
        PID:2544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        72⤵
        
        PID:1948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        73⤵
        
        PID:3400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        74⤵
        
        PID:3580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        75⤵
        
        PID:1060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        76⤵
        
        PID:684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        77⤵
        
        PID:2148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        78⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        79⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        80⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        81⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        82⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        83⤵
        
        PID:5204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        84⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        85⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        86⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        87⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        88⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        89⤵
        
        PID:5312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        90⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        91⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        92⤵
        
        PID:5388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        93⤵
        
        PID:5404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        94⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        95⤵
        
        PID:5436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        96⤵
        
        PID:5452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        97⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        98⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        99⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        100⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        101⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        102⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        103⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        104⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        105⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        106⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        107⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        108⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        109⤵
        
        PID:5652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        110⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        111⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        112⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        113⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        114⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        115⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        116⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        117⤵
        
        PID:5772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        118⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        119⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        120⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        121⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        122⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        123⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        124⤵
        
        PID:5884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        125⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        126⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        127⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        128⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        129⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        130⤵
        
        PID:5980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        131⤵
        
        PID:5996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        132⤵
        
        PID:6012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        133⤵
        
        PID:6028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        134⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        135⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        136⤵
        
        PID:6072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        137⤵
        
        PID:6088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        138⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        139⤵
        
        PID:6120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        140⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        141⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        142⤵
        
        PID:2924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        143⤵
        
        PID:4392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        144⤵
        
        PID:2316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        145⤵
        
        PID:3004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        146⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        147⤵
        
        PID:1288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        148⤵
        
        PID:3264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        149⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        150⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        151⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        152⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        153⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        154⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        155⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        156⤵
        
        PID:6268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        157⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        158⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        159⤵
        
        PID:6312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        160⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        161⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        162⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        163⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        164⤵
        
        PID:6388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        165⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        166⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        167⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        168⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        169⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        170⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        171⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        172⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        173⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        174⤵
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        175⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        176⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        177⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        178⤵
        
        PID:6612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        179⤵
        
        PID:6624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        180⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        181⤵
        
        PID:6660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        182⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        183⤵
        
        PID:6696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        184⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        185⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        186⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        187⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        188⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        189⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        190⤵
        
        PID:6808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        191⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        192⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        193⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        194⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        195⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        196⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        197⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        198⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        199⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        200⤵
        
        PID:6952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        201⤵
        
        PID:6968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        202⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        203⤵
        
        PID:7000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        204⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        205⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        206⤵
        
        PID:7044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        207⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        208⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        209⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        210⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        211⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        212⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        213⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        214⤵
        
        PID:3768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        215⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        216⤵
        
        PID:7188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        217⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        218⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        219⤵
        
        PID:7240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        220⤵
        
        PID:7256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        221⤵
        
        PID:7268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        222⤵
        
        PID:7284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        223⤵
        
        PID:7300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        224⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        225⤵
        
        PID:7332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        226⤵
        
        PID:7348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        227⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        228⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        229⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        230⤵
        
        PID:7412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        231⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        232⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        233⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        234⤵
        
        PID:7468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        235⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        236⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        237⤵
        
        PID:7516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        238⤵
        
        PID:7532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        239⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        240⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        241⤵
        
        PID:7580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        242⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        243⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        244⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        245⤵
        
        PID:7644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        246⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        247⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        248⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        249⤵
        
        PID:7704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        250⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        251⤵
        
        PID:7736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        252⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        253⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        254⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        255⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        256⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        257⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        258⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        259⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        260⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        261⤵
        
        PID:7892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        262⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        263⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        264⤵
        
        PID:7932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        265⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        266⤵
        
        PID:7960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        267⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        268⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        269⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        270⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        271⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        272⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        273⤵
        
        PID:8072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        274⤵
        
        PID:8088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        275⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        276⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        277⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        278⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        279⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        280⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        281⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        282⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        283⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        284⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        285⤵
        
        PID:8296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        286⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        287⤵
        
        PID:8332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        288⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        289⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        290⤵
        
        PID:8376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        291⤵
        
        PID:8392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        292⤵
        
        PID:8408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        293⤵
        
        PID:8424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        294⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        295⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        296⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        297⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        298⤵
        
        PID:8500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        299⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        300⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        301⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        302⤵
        
        PID:8564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        303⤵
        
        PID:8580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        304⤵
        
        PID:8596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        305⤵
        
        PID:8612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        306⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        307⤵
        
        PID:8644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        308⤵
        
        PID:8656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        309⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        310⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        311⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        312⤵
        
        PID:8724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        313⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        314⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        315⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        316⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        317⤵
        
        PID:8796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        318⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        319⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        320⤵
        
        PID:8840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        321⤵
        
        PID:8856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        322⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        323⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        324⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        325⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        326⤵
        
        PID:8928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        327⤵
        
        PID:8944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        328⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        329⤵
        
        PID:8968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        330⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        331⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        332⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        333⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        334⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        335⤵
        
        PID:9060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        336⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        337⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        338⤵
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        339⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        340⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        341⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        342⤵
        
        PID:9168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        343⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        344⤵
        
        PID:9196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        345⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        346⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        347⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        348⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        349⤵
        
        PID:9268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        350⤵
        
        PID:9280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        351⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        352⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        353⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        354⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        355⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        356⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        357⤵
        
        PID:9396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        358⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        359⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        360⤵
        
        PID:9444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        361⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        362⤵
        
        PID:9476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        363⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        364⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        365⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        366⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        367⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        368⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        369⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        370⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        371⤵
        
        PID:9620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        372⤵
        
        PID:9636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        373⤵
        
        PID:9652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        374⤵
        
        PID:9664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        375⤵
        
        PID:9680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        376⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        377⤵
        
        PID:9712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        378⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        379⤵
        
        PID:9744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        380⤵
        
        PID:9760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        381⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        382⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        383⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        384⤵
        
        PID:9820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        385⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        386⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        387⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        388⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        389⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        390⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        391⤵
        
        PID:9932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        392⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        393⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        394⤵
        
        PID:9980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        395⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        396⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        397⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        398⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        399⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        400⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        401⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        402⤵
        
        PID:10096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        403⤵
        
        PID:10108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        404⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        405⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        406⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        407⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        408⤵
        
        PID:10188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        409⤵
        
        PID:10200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        410⤵
        
        PID:10216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        411⤵
        
        PID:10228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        412⤵
        
        PID:4972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        413⤵
        
        PID:10252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        414⤵
        
        PID:10264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        415⤵
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        416⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        417⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        418⤵
        
        PID:10332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        419⤵
        
        PID:10344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        420⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        421⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        422⤵
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        423⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        424⤵
        
        PID:10416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        425⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        426⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        427⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        428⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        429⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        430⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        431⤵
        
        PID:10532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        432⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        433⤵
        
        PID:10564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        434⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        435⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        436⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        437⤵
        
        PID:10624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        438⤵
        
        PID:10640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        439⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        440⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        441⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        442⤵
        
        PID:10704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        443⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        444⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        445⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        446⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        447⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        448⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        449⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        450⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        451⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        452⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        453⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        454⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        455⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        456⤵
        
        PID:10924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        457⤵
        
        PID:10940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        458⤵
        
        PID:10956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        459⤵
        
        PID:10972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        460⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        461⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        462⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        463⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        464⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        465⤵
        
        PID:11060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        466⤵
        
        PID:11076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        467⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        468⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        469⤵
        
        PID:11120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        470⤵
        
        PID:11136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        471⤵
        
        PID:11152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        472⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        473⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        474⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        475⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        476⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        477⤵
        
        PID:11248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        478⤵
        
        PID:448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        479⤵
        
        PID:4444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        480⤵
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        481⤵
        
        PID:4708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        482⤵
        
        PID:5088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        483⤵
        
        PID:4980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        484⤵
        
        PID:1380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        485⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        486⤵
        
        PID:11288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        487⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        488⤵
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        489⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        490⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        491⤵
        
        PID:11368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        492⤵
        
        PID:11384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        493⤵
        
        PID:11400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        494⤵
        
        PID:11416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        495⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        496⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        497⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        498⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        499⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        500⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        501⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        502⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        503⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        504⤵
        
        PID:11576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        505⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        506⤵
        
        PID:11608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        507⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        508⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        509⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        510⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        511⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        512⤵
        
        PID:11696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        513⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        514⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        515⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        516⤵
        
        PID:11760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        517⤵
        
        PID:11772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        518⤵
        
        PID:11784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        519⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        520⤵
        
        PID:11816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        521⤵
        
        PID:11832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        522⤵
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        523⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        524⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        525⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        526⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        527⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        528⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        529⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        530⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        531⤵
        
        PID:11988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        532⤵
        
        PID:12000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        533⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        534⤵
        
        PID:12032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        535⤵
        
        PID:12048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        536⤵
        
        PID:12064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        537⤵
        
        PID:12080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        538⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        539⤵
        
        PID:12112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        540⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        541⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        542⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        543⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        544⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        545⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        546⤵
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        547⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        548⤵
        
        PID:12244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        549⤵
        
        PID:12260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        550⤵
        
        PID:12272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        551⤵
        
        PID:12284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        552⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        553⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        554⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        555⤵
        
        PID:12344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        556⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        557⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        558⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        559⤵
        
        PID:12404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        560⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        561⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        562⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        563⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        564⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        565⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        566⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        567⤵
        
        PID:12524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        568⤵
        
        PID:12540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        569⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        570⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        571⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        572⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        573⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        574⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        575⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        576⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        577⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        578⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        579⤵
        
        PID:12700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        580⤵
        
        PID:12716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        581⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        582⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        583⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        584⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        585⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        586⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        587⤵
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        588⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        589⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        590⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        591⤵
        
        PID:12892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        592⤵
        
        PID:12908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        593⤵
        
        PID:12924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        594⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        595⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        596⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        597⤵
        
        PID:12988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        598⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        599⤵
        
        PID:13016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        600⤵
        
        PID:13032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        601⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        602⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        603⤵
        
        PID:13080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        604⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        605⤵
        
        PID:13112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        606⤵
        
        PID:13128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        607⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        608⤵
        
        PID:13160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        609⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        610⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        611⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        612⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        613⤵
        
        PID:13240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        614⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        615⤵
        
        PID:13272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        616⤵
        
        PID:13288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        617⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        618⤵
        
        PID:13320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        619⤵
        
        PID:13332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        620⤵
        
        PID:13348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        621⤵
        
        PID:13360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        622⤵
        
        PID:13376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        623⤵
        
        PID:13392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        624⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        625⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        626⤵
        
        PID:13432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        627⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        628⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        629⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        630⤵
        
        PID:13492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        631⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        632⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        633⤵
        
        PID:13532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        634⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        635⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        636⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        637⤵
        
        PID:13596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        638⤵
        
        PID:13612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        639⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        640⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        641⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        642⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        643⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        644⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        645⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        646⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        647⤵
        
        PID:13748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        648⤵
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        649⤵
        
        PID:13776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        650⤵
        
        PID:13792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        651⤵
        
        PID:13812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        652⤵
        
        PID:13828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        653⤵
        
        PID:13844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        654⤵
        
        PID:13856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        655⤵
        
        PID:13868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        656⤵
        
        PID:13884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        657⤵
        
        PID:13900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        658⤵
        
        PID:13916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        659⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        660⤵
        
        PID:13944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        661⤵
        
        PID:13956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        662⤵
        
        PID:13972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        663⤵
        
        PID:13984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        664⤵
        
        PID:14000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        665⤵
        
        PID:14016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        666⤵
        
        PID:14032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        667⤵
        
        PID:14048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        668⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        669⤵
        
        PID:14076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        670⤵
        
        PID:14092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        671⤵
        
        PID:14112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        672⤵
        
        PID:14128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        673⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        674⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        675⤵
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        676⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        677⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        678⤵
        
        PID:14216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        679⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        680⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        681⤵
        
        PID:14260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        682⤵
        
        PID:14276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        683⤵
        
        PID:14292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        684⤵
        
        PID:14308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        685⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        686⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        687⤵
        
        PID:14348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        688⤵
        
        PID:14364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        689⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        690⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        691⤵
        
        PID:14408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        692⤵
        
        PID:14424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        693⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        694⤵
        
        PID:14456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        695⤵
        
        PID:14472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        696⤵
        
        PID:14488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        697⤵
        
        PID:14500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        698⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        699⤵
        
        PID:14528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        700⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        701⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        702⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        703⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        704⤵
        
        PID:14604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        705⤵
        
        PID:14616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        706⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        707⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        708⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        709⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        710⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        711⤵
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        712⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        713⤵
        
        PID:14740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        714⤵
        
        PID:14756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        715⤵
        
        PID:14772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        716⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        717⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        718⤵
        
        PID:14820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        719⤵
        
        PID:14836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        720⤵
        
        PID:14852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        721⤵
        
        PID:14868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        722⤵
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        723⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        724⤵
        
        PID:14916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        725⤵
        
        PID:14932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        726⤵
        
        PID:14948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        727⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        728⤵
        
        PID:14976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        729⤵
        
        PID:14988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        730⤵
        
        PID:15004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        731⤵
        
        PID:15020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        732⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        733⤵
        
        PID:15052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        734⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        735⤵
        
        PID:15084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        736⤵
        
        PID:15096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        737⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        738⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        739⤵
        
        PID:15148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        740⤵
        
        PID:15164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        741⤵
        
        PID:15176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        742⤵
        
        PID:15192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        743⤵
        
        PID:15208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        744⤵
        
        PID:15224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        745⤵
        
        PID:15240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        746⤵
        
        PID:15252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        747⤵
        
        PID:15268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        748⤵
        
        PID:15284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        749⤵
        
        PID:15300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        750⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        751⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        752⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        753⤵
        
        PID:3304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        754⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        755⤵
        
        PID:15380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        756⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        757⤵
        
        PID:15416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        758⤵
        
        PID:15432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        759⤵
        
        PID:15448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        760⤵
        
        PID:15464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        761⤵
        
        PID:15480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        762⤵
        
        PID:15496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        763⤵
        
        PID:15512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        764⤵
        
        PID:15524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        765⤵
        
        PID:15540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        766⤵
        
        PID:15552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        767⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        768⤵
        
        PID:15584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        769⤵
        
        PID:15600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        770⤵
        
        PID:15616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        771⤵
        
        PID:15632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        772⤵
        
        PID:15648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        773⤵
        
        PID:15660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        774⤵
        
        PID:15680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        775⤵
        
        PID:15696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        776⤵
        
        PID:15712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        777⤵
        
        PID:15728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        778⤵
        
        PID:15744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        779⤵
        
        PID:15760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        780⤵
        
        PID:15776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        781⤵
        
        PID:15792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        782⤵
        
        PID:15808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        783⤵
        
        PID:15824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        784⤵
        
        PID:15840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        785⤵
        
        PID:15856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        786⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        787⤵
        
        PID:15884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        788⤵
        
        PID:15900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        789⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        790⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        791⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        792⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        793⤵
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        794⤵
        
        PID:16000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        795⤵
        
        PID:16016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        796⤵
        
        PID:16032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        797⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        798⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        799⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        800⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        801⤵
        
        PID:16152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        802⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        803⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        804⤵
        
        PID:16244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        805⤵
        
        PID:16276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        806⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        807⤵
        
        PID:16352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        808⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        809⤵
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        810⤵
        
        PID:4672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        811⤵
        
        PID:3100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        812⤵
        
        PID:16072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        813⤵
        
        PID:1880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        814⤵
        
        PID:1208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        815⤵
        
        PID:3612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        816⤵
        
        PID:4064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        817⤵
        
        PID:1980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        818⤵
        
        PID:16400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        819⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        820⤵
        
        PID:16428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        821⤵
        
        PID:16440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        822⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        823⤵
        
        PID:16484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        824⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        825⤵
        
        PID:16516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        826⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        827⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        828⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        829⤵
        
        PID:16580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        830⤵
        
        PID:16600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        831⤵
        
        PID:16616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        832⤵
        
        PID:16628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        833⤵
        
        PID:16644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        834⤵
        
        PID:16660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        835⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        836⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        837⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        838⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        839⤵
        
        PID:16732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        840⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        841⤵
        
        PID:16760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        842⤵
        
        PID:16772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        843⤵
        
        PID:16792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        844⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        845⤵
        
        PID:16824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        846⤵
        
        PID:16840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        847⤵
        
        PID:16856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        848⤵
        
        PID:16872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        849⤵
        
        PID:16884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        850⤵
        
        PID:16900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        851⤵
        
        PID:16916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        852⤵
        
        PID:16932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        853⤵
        
        PID:16948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        854⤵
        
        PID:16968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        855⤵
        
        PID:16984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        856⤵
        
        PID:16996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        857⤵
        
        PID:17008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        858⤵
        
        PID:17028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        859⤵
        
        PID:17044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        860⤵
        
        PID:17060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        861⤵
        
        PID:17076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        862⤵
        
        PID:17092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        863⤵
        
        PID:17108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        864⤵
        
        PID:17124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f0068df368cb6ba4ee840dec59ecaf9_JaffaCakes118.dll,#1
        865⤵
        
        PID:17140

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3852,i,7761714625659357865,10802238739796857379,262144 --variations-seed-version --mojo-platform-channel-handle=3828 /prefetch:8
1⤵
PID:8216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/17076-1-0x0000000074E90000-0x0000000075114000-memory.dmp

Filesize
2.5MB

Download
memory/17092-0-0x0000000074E90000-0x0000000075114000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads