02d71c2d99ff09168bce9b43bba9151188a0ec583f5d534ff595b12c23d5ad5d

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09-07-2024 06:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll
Size

39KB
MD5

2f49b338b5893aed51eaa798d8a86fd2
SHA1

bdf31fbc8cf42137f7dd4d5de0d06935802bc5e9
SHA256

02d71c2d99ff09168bce9b43bba9151188a0ec583f5d534ff595b12c23d5ad5d
SHA512

1636ca18b9ee815df1a629ddd05ef26092c95e0b020acb90f6dfc1fe08723ccfb73a1afc26faaf103a1516199f4ce6db4fa1b7fbaa6840227a334a068542e946
SSDEEP

768:firVdDjSxFV5vSGD6GeIJ65vkwV19sl284T:fejSPJDja797/

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	17032	dwm.exe
Token: SeChangeNotifyPrivilege	17032	dwm.exe
Token: 33	17032	dwm.exe
Token: SeIncBasePriorityPrivilege	17032	dwm.exe
Token: SeShutdownPrivilege	17032	dwm.exe
Token: SeCreatePagefilePrivilege	17032	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1996 wrote to memory of 3016	1996	rundll32.exe	82
PID 1996 wrote to memory of 3016	1996	rundll32.exe	82
PID 1996 wrote to memory of 3016	1996	rundll32.exe	82
PID 3016 wrote to memory of 4236	3016	rundll32.exe	83
PID 3016 wrote to memory of 4236	3016	rundll32.exe	83
PID 3016 wrote to memory of 4236	3016	rundll32.exe	83
PID 4236 wrote to memory of 1812	4236	rundll32.exe	84
PID 4236 wrote to memory of 1812	4236	rundll32.exe	84
PID 4236 wrote to memory of 1812	4236	rundll32.exe	84
PID 1812 wrote to memory of 4000	1812	rundll32.exe	85
PID 1812 wrote to memory of 4000	1812	rundll32.exe	85
PID 1812 wrote to memory of 4000	1812	rundll32.exe	85
PID 4000 wrote to memory of 4304	4000	rundll32.exe	86
PID 4000 wrote to memory of 4304	4000	rundll32.exe	86
PID 4000 wrote to memory of 4304	4000	rundll32.exe	86
PID 4304 wrote to memory of 2820	4304	rundll32.exe	87
PID 4304 wrote to memory of 2820	4304	rundll32.exe	87
PID 4304 wrote to memory of 2820	4304	rundll32.exe	87
PID 2820 wrote to memory of 2984	2820	rundll32.exe	88
PID 2820 wrote to memory of 2984	2820	rundll32.exe	88
PID 2820 wrote to memory of 2984	2820	rundll32.exe	88
PID 2984 wrote to memory of 3460	2984	rundll32.exe	89
PID 2984 wrote to memory of 3460	2984	rundll32.exe	89
PID 2984 wrote to memory of 3460	2984	rundll32.exe	89
PID 3460 wrote to memory of 3696	3460	rundll32.exe	90
PID 3460 wrote to memory of 3696	3460	rundll32.exe	90
PID 3460 wrote to memory of 3696	3460	rundll32.exe	90
PID 3696 wrote to memory of 3276	3696	rundll32.exe	92
PID 3696 wrote to memory of 3276	3696	rundll32.exe	92
PID 3696 wrote to memory of 3276	3696	rundll32.exe	92
PID 3276 wrote to memory of 4900	3276	rundll32.exe	93
PID 3276 wrote to memory of 4900	3276	rundll32.exe	93
PID 3276 wrote to memory of 4900	3276	rundll32.exe	93
PID 4900 wrote to memory of 3960	4900	rundll32.exe	94
PID 4900 wrote to memory of 3960	4900	rundll32.exe	94
PID 4900 wrote to memory of 3960	4900	rundll32.exe	94
PID 3960 wrote to memory of 4464	3960	rundll32.exe	95
PID 3960 wrote to memory of 4464	3960	rundll32.exe	95
PID 3960 wrote to memory of 4464	3960	rundll32.exe	95
PID 4464 wrote to memory of 2024	4464	rundll32.exe	96
PID 4464 wrote to memory of 2024	4464	rundll32.exe	96
PID 4464 wrote to memory of 2024	4464	rundll32.exe	96
PID 2024 wrote to memory of 1556	2024	rundll32.exe	97
PID 2024 wrote to memory of 1556	2024	rundll32.exe	97
PID 2024 wrote to memory of 1556	2024	rundll32.exe	97
PID 1556 wrote to memory of 1896	1556	rundll32.exe	98
PID 1556 wrote to memory of 1896	1556	rundll32.exe	98
PID 1556 wrote to memory of 1896	1556	rundll32.exe	98
PID 1896 wrote to memory of 2028	1896	rundll32.exe	99
PID 1896 wrote to memory of 2028	1896	rundll32.exe	99
PID 1896 wrote to memory of 2028	1896	rundll32.exe	99
PID 2028 wrote to memory of 4484	2028	rundll32.exe	101
PID 2028 wrote to memory of 4484	2028	rundll32.exe	101
PID 2028 wrote to memory of 4484	2028	rundll32.exe	101
PID 4484 wrote to memory of 1440	4484	rundll32.exe	102
PID 4484 wrote to memory of 1440	4484	rundll32.exe	102
PID 4484 wrote to memory of 1440	4484	rundll32.exe	102
PID 1440 wrote to memory of 4016	1440	rundll32.exe	103
PID 1440 wrote to memory of 4016	1440	rundll32.exe	103
PID 1440 wrote to memory of 4016	1440	rundll32.exe	103
PID 4016 wrote to memory of 2076	4016	rundll32.exe	104
PID 4016 wrote to memory of 2076	4016	rundll32.exe	104
PID 4016 wrote to memory of 2076	4016	rundll32.exe	104
PID 2076 wrote to memory of 212	2076	rundll32.exe	105

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1996
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3016
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4236
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1812
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:4000
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:2820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:2984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:3460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:3696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:3960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:4464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:2024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:1896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:4484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:1440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:4016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:2076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        23⤵
        
        PID:212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        24⤵
        
        PID:224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        25⤵
        
        PID:1060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        26⤵
        
        PID:796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        27⤵
        
        PID:1076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        28⤵
        
        PID:5072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        29⤵
        
        PID:1172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        30⤵
        
        PID:4888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        31⤵
        
        PID:1240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        32⤵
        
        PID:3324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        33⤵
        
        PID:4176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        34⤵
        
        PID:3624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        35⤵
        
        PID:1944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        36⤵
        
        PID:4260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        37⤵
        
        PID:2328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        38⤵
        
        PID:1632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        39⤵
        
        PID:3544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        40⤵
        
        PID:1428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        41⤵
        
        PID:4836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        42⤵
        
        PID:4448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        43⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        44⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        45⤵
        
        PID:4572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        46⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        47⤵
        
        PID:4508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        48⤵
        
        PID:836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        49⤵
        
        PID:4752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        50⤵
        
        PID:1480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        51⤵
        
        PID:2184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        52⤵
        
        PID:4280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        53⤵
        
        PID:2280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        54⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        55⤵
        
        PID:2716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        56⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        57⤵
        
        PID:3704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        58⤵
        
        PID:4004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        59⤵
        
        PID:4504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        60⤵
        
        PID:5048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        61⤵
        
        PID:3748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        62⤵
        
        PID:1300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        63⤵
        
        PID:2516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        64⤵
        
        PID:2140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        65⤵
        
        PID:1876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        66⤵
        
        PID:1376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        67⤵
        
        PID:3316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        68⤵
        
        PID:1104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        69⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        70⤵
        
        PID:3368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        71⤵
        
        PID:1168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        72⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        73⤵
        
        PID:1312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        74⤵
        
        PID:372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        75⤵
        
        PID:1500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        76⤵
        
        PID:396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        77⤵
        
        PID:484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        78⤵
        
        PID:4340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        79⤵
        
        PID:1828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        80⤵
        
        PID:3464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        81⤵
        
        PID:1680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        82⤵
        
        PID:4172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        83⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        84⤵
        
        PID:4848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        85⤵
        
        PID:1916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        86⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        87⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        88⤵
        
        PID:3508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        89⤵
        
        PID:2132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        90⤵
        
        PID:3712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        91⤵
        
        PID:1392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        92⤵
        
        PID:4744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        93⤵
        
        PID:2680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        94⤵
        
        PID:2604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        95⤵
        
        PID:4636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        96⤵
        
        PID:2720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        97⤵
        
        PID:556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        98⤵
        
        PID:4092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        99⤵
        
        PID:1948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        100⤵
        
        PID:2980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        101⤵
        
        PID:4984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        102⤵
        
        PID:2332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        103⤵
        
        PID:4704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        104⤵
        
        PID:4532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        105⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        106⤵
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        107⤵
        
        PID:4240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        108⤵
        
        PID:4868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        109⤵
        
        PID:1576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        110⤵
        
        PID:644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        111⤵
        
        PID:3572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        112⤵
        
        PID:1068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        113⤵
        
        PID:1244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        114⤵
        
        PID:5128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        115⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        116⤵
        
        PID:5156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        117⤵
        
        PID:5172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        118⤵
        
        PID:5188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        119⤵
        
        PID:5204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        120⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        121⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        122⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        123⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        124⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        125⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        126⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        127⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        128⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        129⤵
        
        PID:5348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        130⤵
        
        PID:5360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        131⤵
        
        PID:5380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        132⤵
        
        PID:5396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        133⤵
        
        PID:5412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        134⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        135⤵
        
        PID:5444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        136⤵
        
        PID:5460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        137⤵
        
        PID:5476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        138⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        139⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        140⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        141⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        142⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        143⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        144⤵
        
        PID:5580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        145⤵
        
        PID:5596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        146⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        147⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        148⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        149⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        150⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        151⤵
        
        PID:5684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        152⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        153⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        154⤵
        
        PID:5732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        155⤵
        
        PID:5748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        156⤵
        
        PID:5764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        157⤵
        
        PID:5780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        158⤵
        
        PID:5796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        159⤵
        
        PID:5812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        160⤵
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        161⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        162⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        163⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        164⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        165⤵
        
        PID:5908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        166⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        167⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        168⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        169⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        170⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        171⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        172⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        173⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        174⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        175⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        176⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        177⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        178⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        179⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        180⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        181⤵
        
        PID:5032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        182⤵
        
        PID:1984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        183⤵
        
        PID:364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        184⤵
        
        PID:4012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        185⤵
        
        PID:2880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        186⤵
        
        PID:4488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        187⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        188⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        189⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        190⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        191⤵
        
        PID:6212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        192⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        193⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        194⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        195⤵
        
        PID:6276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        196⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        197⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        198⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        199⤵
        
        PID:6336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        200⤵
        
        PID:6352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        201⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        202⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        203⤵
        
        PID:6400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        204⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        205⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        206⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        207⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        208⤵
        
        PID:6464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        209⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        210⤵
        
        PID:6496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        211⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        212⤵
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        213⤵
        
        PID:6540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        214⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        215⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        216⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        217⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        218⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        219⤵
        
        PID:6636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        220⤵
        
        PID:6648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        221⤵
        
        PID:6664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        222⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        223⤵
        
        PID:6696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        224⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        225⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        226⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        227⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        228⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        229⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        230⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        231⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        232⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        233⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        234⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        235⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        236⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        237⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        238⤵
        
        PID:6932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        239⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        240⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        241⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        242⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        243⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        244⤵
        
        PID:7020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        245⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        246⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        247⤵
        
        PID:7064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        248⤵
        
        PID:7076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        249⤵
        
        PID:7092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        250⤵
        
        PID:7112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        251⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        252⤵
        
        PID:7144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        253⤵
        
        PID:7160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        254⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        255⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        256⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        257⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        258⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        259⤵
        
        PID:7256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        260⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        261⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        262⤵
        
        PID:7304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        263⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        264⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        265⤵
        
        PID:7356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        266⤵
        
        PID:7368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        267⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        268⤵
        
        PID:7400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        269⤵
        
        PID:7412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        270⤵
        
        PID:7428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        271⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        272⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        273⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        274⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        275⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        276⤵
        
        PID:7516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        277⤵
        
        PID:7532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        278⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        279⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        280⤵
        
        PID:7580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        281⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        282⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        283⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        284⤵
        
        PID:7644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        285⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        286⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        287⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        288⤵
        
        PID:7708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        289⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        290⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        291⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        292⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        293⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        294⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        295⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        296⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        297⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        298⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        299⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        300⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        301⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        302⤵
        
        PID:7916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        303⤵
        
        PID:7932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        304⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        305⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        306⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        307⤵
        
        PID:8000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        308⤵
        
        PID:8012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        309⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        310⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        311⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        312⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        313⤵
        
        PID:8084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        314⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        315⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        316⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        317⤵
        
        PID:8144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        318⤵
        
        PID:8160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        319⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        320⤵
        
        PID:1968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        321⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        322⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        323⤵
        
        PID:8232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        324⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        325⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        326⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        327⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        328⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        329⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        330⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        331⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        332⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        333⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        334⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        335⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        336⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        337⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        338⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        339⤵
        
        PID:8476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        340⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        341⤵
        
        PID:8508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        342⤵
        
        PID:8524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        343⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        344⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        345⤵
        
        PID:8572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        346⤵
        
        PID:8588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        347⤵
        
        PID:8604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        348⤵
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        349⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        350⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        351⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        352⤵
        
        PID:8676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        353⤵
        
        PID:8688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        354⤵
        
        PID:8704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        355⤵
        
        PID:8720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        356⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        357⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        358⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        359⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        360⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        361⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        362⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        363⤵
        
        PID:8848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        364⤵
        
        PID:8864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        365⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        366⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        367⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        368⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        369⤵
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        370⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        371⤵
        
        PID:8968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        372⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        373⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        374⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        375⤵
        
        PID:9028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        376⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        377⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        378⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        379⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        380⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        381⤵
        
        PID:9124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        382⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        383⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        384⤵
        
        PID:9168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        385⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        386⤵
        
        PID:9196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        387⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        388⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        389⤵
        
        PID:9236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        390⤵
        
        PID:9252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        391⤵
        
        PID:9264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        392⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        393⤵
        
        PID:9292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        394⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        395⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        396⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        397⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        398⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        399⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        400⤵
        
        PID:9396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        401⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        402⤵
        
        PID:9428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        403⤵
        
        PID:9444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        404⤵
        
        PID:9460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        405⤵
        
        PID:9472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        406⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        407⤵
        
        PID:9504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        408⤵
        
        PID:9520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        409⤵
        
        PID:9536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        410⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        411⤵
        
        PID:9564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        412⤵
        
        PID:9580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        413⤵
        
        PID:9596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        414⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        415⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        416⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        417⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        418⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        419⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        420⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        421⤵
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        422⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        423⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        424⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        425⤵
        
        PID:9780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        426⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        427⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        428⤵
        
        PID:9820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        429⤵
        
        PID:9836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        430⤵
        
        PID:9848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        431⤵
        
        PID:9868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        432⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        433⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        434⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        435⤵
        
        PID:9920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        436⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        437⤵
        
        PID:9956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        438⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        439⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        440⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        441⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        442⤵
        
        PID:10032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        443⤵
        
        PID:10044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        444⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        445⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        446⤵
        
        PID:10096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        447⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        448⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        449⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        450⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        451⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        452⤵
        
        PID:10192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        453⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        454⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        455⤵
        
        PID:8736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        456⤵
        
        PID:10244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        457⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        458⤵
        
        PID:10268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        459⤵
        
        PID:10288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        460⤵
        
        PID:10304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        461⤵
        
        PID:10316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        462⤵
        
        PID:10332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        463⤵
        
        PID:10348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        464⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        465⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        466⤵
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        467⤵
        
        PID:10408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        468⤵
        
        PID:10424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        469⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        470⤵
        
        PID:10456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        471⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        472⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        473⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        474⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        475⤵
        
        PID:10532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        476⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        477⤵
        
        PID:10564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        478⤵
        
        PID:10580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        479⤵
        
        PID:10596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        480⤵
        
        PID:10612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        481⤵
        
        PID:10628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        482⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        483⤵
        
        PID:10660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        484⤵
        
        PID:10676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        485⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        486⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        487⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        488⤵
        
        PID:10736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        489⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        490⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        491⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        492⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        493⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        494⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        495⤵
        
        PID:10844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        496⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        497⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        498⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        499⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        500⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        501⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        502⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        503⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        504⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        505⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        506⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        507⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        508⤵
        
        PID:11048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        509⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        510⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        511⤵
        
        PID:11096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        512⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        513⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        514⤵
        
        PID:11144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        515⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        516⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        517⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        518⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        519⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        520⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        521⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        522⤵
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        523⤵
        
        PID:11288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        524⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        525⤵
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        526⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        527⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        528⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        529⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        530⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        531⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        532⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        533⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        534⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        535⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        536⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        537⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        538⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        539⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        540⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        541⤵
        
        PID:11564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        542⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        543⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        544⤵
        
        PID:11604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        545⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        546⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        547⤵
        
        PID:11652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        548⤵
        
        PID:11668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        549⤵
        
        PID:11684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        550⤵
        
        PID:11700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        551⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        552⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        553⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        554⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        555⤵
        
        PID:11772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        556⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        557⤵
        
        PID:11804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        558⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        559⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        560⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        561⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        562⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        563⤵
        
        PID:11900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        564⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        565⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        566⤵
        
        PID:11948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        567⤵
        
        PID:11964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        568⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        569⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        570⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        571⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        572⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        573⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        574⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        575⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        576⤵
        
        PID:12104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        577⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        578⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        579⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        580⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        581⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        582⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        583⤵
        
        PID:12220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        584⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        585⤵
        
        PID:12248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        586⤵
        
        PID:12260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        587⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        588⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        589⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        590⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        591⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        592⤵
        
        PID:12344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        593⤵
        
        PID:12360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        594⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        595⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        596⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        597⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        598⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        599⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        600⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        601⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        602⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        603⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        604⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        605⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        606⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        607⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        608⤵
        
        PID:12584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        609⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        610⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        611⤵
        
        PID:12632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        612⤵
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        613⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        614⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        615⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        616⤵
        
        PID:12716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        617⤵
        
        PID:12728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        618⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        619⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        620⤵
        
        PID:12776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        621⤵
        
        PID:12792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        622⤵
        
        PID:12804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        623⤵
        
        PID:12820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        624⤵
        
        PID:12836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        625⤵
        
        PID:12852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        626⤵
        
        PID:12868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        627⤵
        
        PID:12884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        628⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        629⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        630⤵
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        631⤵
        
        PID:12948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        632⤵
        
        PID:12960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        633⤵
        
        PID:12976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        634⤵
        
        PID:12992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        635⤵
        
        PID:13008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        636⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        637⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        638⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        639⤵
        
        PID:13068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        640⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        641⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        642⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        643⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        644⤵
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        645⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        646⤵
        
        PID:13180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        647⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        648⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        649⤵
        
        PID:13228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        650⤵
        
        PID:13244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        651⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        652⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        653⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        654⤵
        
        PID:13300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        655⤵
        
        PID:12704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        656⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        657⤵
        
        PID:13348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        658⤵
        
        PID:13364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        659⤵
        
        PID:13376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        660⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        661⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        662⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        663⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        664⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        665⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        666⤵
        
        PID:13480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        667⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        668⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        669⤵
        
        PID:13524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        670⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        671⤵
        
        PID:13552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        672⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        673⤵
        
        PID:13584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        674⤵
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        675⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        676⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        677⤵
        
        PID:13648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        678⤵
        
        PID:13660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        679⤵
        
        PID:13676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        680⤵
        
        PID:13692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        681⤵
        
        PID:13708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        682⤵
        
        PID:13724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        683⤵
        
        PID:13740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        684⤵
        
        PID:13752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        685⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        686⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        687⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        688⤵
        
        PID:13812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        689⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        690⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        691⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        692⤵
        
        PID:13876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        693⤵
        
        PID:13892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        694⤵
        
        PID:13904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        695⤵
        
        PID:13920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        696⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        697⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        698⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        699⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        700⤵
        
        PID:13992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        701⤵
        
        PID:14004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        702⤵
        
        PID:14020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        703⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        704⤵
        
        PID:14048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        705⤵
        
        PID:14064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        706⤵
        
        PID:14080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        707⤵
        
        PID:14100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        708⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        709⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        710⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        711⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        712⤵
        
        PID:14172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        713⤵
        
        PID:14188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        714⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        715⤵
        
        PID:14216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        716⤵
        
        PID:14232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        717⤵
        
        PID:14248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        718⤵
        
        PID:14264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        719⤵
        
        PID:14280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        720⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        721⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        722⤵
        
        PID:14328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        723⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        724⤵
        
        PID:14356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        725⤵
        
        PID:14372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        726⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        727⤵
        
        PID:14400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        728⤵
        
        PID:14420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        729⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        730⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        731⤵
        
        PID:14464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        732⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        733⤵
        
        PID:14500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        734⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        735⤵
        
        PID:14532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        736⤵
        
        PID:14548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        737⤵
        
        PID:14560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        738⤵
        
        PID:14576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        739⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        740⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        741⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        742⤵
        
        PID:14628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        743⤵
        
        PID:14640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        744⤵
        
        PID:14656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        745⤵
        
        PID:14672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        746⤵
        
        PID:14688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        747⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        748⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        749⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        750⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        751⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        752⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        753⤵
        
        PID:14792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        754⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        755⤵
        
        PID:14816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        756⤵
        
        PID:14836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        757⤵
        
        PID:14852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        758⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        759⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        760⤵
        
        PID:14904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        761⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        762⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        763⤵
        
        PID:14948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        764⤵
        
        PID:14964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        765⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        766⤵
        
        PID:14996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        767⤵
        
        PID:15012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        768⤵
        
        PID:15028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        769⤵
        
        PID:15044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        770⤵
        
        PID:15060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        771⤵
        
        PID:15076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        772⤵
        
        PID:15092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        773⤵
        
        PID:15108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        774⤵
        
        PID:15124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        775⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        776⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        777⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        778⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        779⤵
        
        PID:15204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        780⤵
        
        PID:15220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        781⤵
        
        PID:15236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        782⤵
        
        PID:15252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        783⤵
        
        PID:15264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        784⤵
        
        PID:15280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        785⤵
        
        PID:15296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        786⤵
        
        PID:15312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        787⤵
        
        PID:15328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        788⤵
        
        PID:15344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        789⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        790⤵
        
        PID:15372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        791⤵
        
        PID:15388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        792⤵
        
        PID:15404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        793⤵
        
        PID:15420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        794⤵
        
        PID:15436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        795⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        796⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        797⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        798⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        799⤵
        
        PID:15516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        800⤵
        
        PID:15528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        801⤵
        
        PID:15540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        802⤵
        
        PID:15560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        803⤵
        
        PID:15576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        804⤵
        
        PID:15588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        805⤵
        
        PID:15604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        806⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        807⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        808⤵
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        809⤵
        
        PID:15672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        810⤵
        
        PID:15688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        811⤵
        
        PID:15704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        812⤵
        
        PID:15720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        813⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        814⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        815⤵
        
        PID:15764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        816⤵
        
        PID:15776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        817⤵
        
        PID:15792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        818⤵
        
        PID:15808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        819⤵
        
        PID:15824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        820⤵
        
        PID:15836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        821⤵
        
        PID:15856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        822⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        823⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        824⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        825⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        826⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        827⤵
        
        PID:15944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        828⤵
        
        PID:15960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        829⤵
        
        PID:15984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        830⤵
        
        PID:16004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        831⤵
        
        PID:16016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        832⤵
        
        PID:16032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        833⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        834⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        835⤵
        
        PID:16076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        836⤵
        
        PID:16092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        837⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        838⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        839⤵
        
        PID:16136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        840⤵
        
        PID:16148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        841⤵
        
        PID:16164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        842⤵
        
        PID:16180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        843⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        844⤵
        
        PID:16212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        845⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        846⤵
        
        PID:16240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        847⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        848⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        849⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        850⤵
        
        PID:16304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        851⤵
        
        PID:16320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        852⤵
        
        PID:16336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        853⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        854⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        855⤵
        
        PID:16380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        856⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        857⤵
        
        PID:3472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        858⤵
        
        PID:15644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        859⤵
        
        PID:16400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        860⤵
        
        PID:16416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        861⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        862⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        863⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        864⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        865⤵
        
        PID:16492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        866⤵
        
        PID:16504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        867⤵
        
        PID:16520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        868⤵
        
        PID:16536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        869⤵
        
        PID:16548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        870⤵
        
        PID:16564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        871⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        872⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        873⤵
        
        PID:16608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        874⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        875⤵
        
        PID:16640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        876⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        877⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        878⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        879⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        880⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        881⤵
        
        PID:16736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        882⤵
        
        PID:16752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        883⤵
        
        PID:16768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        884⤵
        
        PID:16780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        885⤵
        
        PID:16792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        886⤵
        
        PID:16808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        887⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2f49b338b5893aed51eaa798d8a86fd2_JaffaCakes118.dll,#1
        888⤵
        
        PID:16836

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:17032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16768-4-0x0000000075620000-0x00000000758A4000-memory.dmp

Filesize
2.5MB

Download
memory/16780-3-0x0000000075620000-0x00000000758A4000-memory.dmp

Filesize
2.5MB

Download
memory/16792-2-0x0000000075620000-0x00000000758A4000-memory.dmp

Filesize
2.5MB

Download
memory/16808-1-0x0000000075620000-0x00000000758A4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads