modiloader | d5793e7fbee741ffc172ca63c415d6cbeb0ec98c952d0c6d94b6ceea2bb3209e

Analysis

max time kernel
150s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 12:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
Size

37KB
MD5

30744fef2eb151a8f419b86c1ca56139
SHA1

b647e50a790b7427cd490a4942cdedd4f5392fcf
SHA256

d5793e7fbee741ffc172ca63c415d6cbeb0ec98c952d0c6d94b6ceea2bb3209e
SHA512

3c363786118a87f3d82a102e5a83f2e383b61a72551514305132aac60c314c65e552045f61284a7914c8bf787c5aa751b64de2194d76009ddc8ae367c0484204
SSDEEP

768:lTo0pgD7/XLAUZobRt4+svX8Nqb0vvmzshX0AcUrU/AhMbpCk:lTo7A0THzstV8

Score

10^/10

modiloader trojan

Malware Config

Signatures

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
trojan modiloader

ModiLoader Second Stage 64 IoCs

resource	yara_rule
behavioral2/memory/3960-5-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1552-4-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3732-3-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1892-2-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4896-1-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3600-0-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3076-7-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2936-6-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2120-9-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2668-8-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2104-11-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2356-10-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2292-12-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2576-13-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1740-15-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3876-14-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2360-16-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3096-17-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4032-18-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3608-20-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4880-19-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4784-21-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3264-22-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4828-23-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4220-25-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/5048-27-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4536-26-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2384-30-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/5012-29-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3344-28-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1400-24-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1192-34-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/5096-33-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/852-35-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1556-32-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/528-31-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/904-36-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4076-37-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2916-40-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/464-39-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3076-41-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4092-38-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2568-42-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3796-43-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4976-45-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3716-44-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2784-46-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/996-47-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2832-48-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3024-49-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/848-51-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2300-50-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3600-52-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3020-53-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/560-54-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/4072-55-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/5100-56-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1632-57-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/3416-58-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1012-59-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/2120-60-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1972-62-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/696-63-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2
behavioral2/memory/1712-61-0x0000000019140000-0x0000000019150000-memory.dmp	modiloader_stage2

Suspicious use of SetThreadContext 64 IoCs

description	pid	Process	procid_target
PID 1552 set thread context of 3608	1552	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	82
PID 3608 set thread context of 4032	3608	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	84
PID 4032 set thread context of 3600	4032	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	85
PID 3600 set thread context of 3264	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	86
PID 3264 set thread context of 1892	3264	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	87
PID 1892 set thread context of 4880	1892	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	88
PID 4880 set thread context of 3732	4880	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	92
PID 3732 set thread context of 4896	3732	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	97
PID 4896 set thread context of 3960	4896	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	98
PID 3960 set thread context of 2936	3960	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	100
PID 2936 set thread context of 3076	2936	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	102
PID 3076 set thread context of 2356	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	104
PID 2356 set thread context of 2668	2356	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	105
PID 2668 set thread context of 2120	2668	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	107
PID 2120 set thread context of 2292	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	110
PID 2292 set thread context of 2104	2292	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	115
PID 2104 set thread context of 2576	2104	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	119
PID 2576 set thread context of 1740	2576	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	121
PID 1740 set thread context of 3876	1740	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	122
PID 3876 set thread context of 2360	3876	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	124
PID 2360 set thread context of 3096	2360	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	127
PID 3096 set thread context of 1192	3096	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	128
PID 1192 set thread context of 852	1192	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	131
PID 852 set thread context of 4784	852	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	133
PID 4784 set thread context of 5048	4784	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	314
PID 5048 set thread context of 3796	5048	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	136
PID 3796 set thread context of 4828	3796	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	267
PID 4828 set thread context of 4220	4828	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	142
PID 4220 set thread context of 1400	4220	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	408
PID 1400 set thread context of 4536	1400	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	146
PID 4536 set thread context of 3344	4536	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	313
PID 3344 set thread context of 2784	3344	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	356
PID 2784 set thread context of 5012	2784	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	445
PID 5012 set thread context of 528	5012	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	239
PID 528 set thread context of 2384	528	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	540
PID 2384 set thread context of 1556	2384	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	158
PID 1556 set thread context of 5096	1556	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	509
PID 5096 set thread context of 4072	5096	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	163
PID 4072 set thread context of 3024	4072	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	488
PID 3024 set thread context of 904	3024	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	455
PID 904 set thread context of 4076	904	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	620
PID 4076 set thread context of 464	4076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	716
PID 464 set thread context of 2916	464	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	347
PID 2916 set thread context of 4092	2916	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	665
PID 4092 set thread context of 3076	4092	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	735
PID 3076 set thread context of 2568	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	182
PID 2568 set thread context of 2120	2568	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	832
PID 2120 set thread context of 3716	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	904
PID 3716 set thread context of 4976	3716	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	518
PID 4976 set thread context of 3416	4976	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	960
PID 3416 set thread context of 996	3416	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	192
PID 996 set thread context of 2832	996	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	1016
PID 2832 set thread context of 1048	2832	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	197
PID 1048 set thread context of 2300	1048	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	200
PID 2300 set thread context of 848	2300	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	923
PID 848 set thread context of 3600	848	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	811
PID 3600 set thread context of 3020	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	942
PID 3020 set thread context of 560	3020	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	955
PID 560 set thread context of 4252	560	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	988
PID 4252 set thread context of 5100	4252	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	538
PID 5100 set thread context of 1632	5100	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	873
PID 1632 set thread context of 4488	1632	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	1066
PID 4488 set thread context of 324	4488	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	1211
PID 324 set thread context of 1012	324	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	986

Program crash 64 IoCs

pid	pid_target	Process	procid_target
4788	3608	WerFault.exe	82
3192	4880	WerFault.exe	88
848	4032	WerFault.exe	84
3108	3264	WerFault.exe	86
3104	1192	WerFault.exe	128
3176	852	WerFault.exe	131
696	5048	WerFault.exe	135
3140	2784	WerFault.exe	150
1044	3796	WerFault.exe	136
824	4072	WerFault.exe	163
1536	3024	WerFault.exe	165
4188	2120	WerFault.exe	186
4948	3416	WerFault.exe	191
4192	1048	WerFault.exe	197
1400	4252	WerFault.exe	210
4480	4488	WerFault.exe	218
4364	324	WerFault.exe	221
872	4496	WerFault.exe	236
740	528	WerFault.exe	239
4776	2668	WerFault.exe	257
4628	1132	WerFault.exe	259
1984	3960	WerFault.exe	275
1568	4864	WerFault.exe	278
2776	1892	WerFault.exe	297
3312	4160	WerFault.exe	305
384	3868	WerFault.exe	319
1700	2552	WerFault.exe	321
3384	5076	WerFault.exe	338
1404	2356	WerFault.exe	342
3264	4092	WerFault.exe	366
5008	3356	WerFault.exe	363
4128	2496	WerFault.exe	371
432	4664	WerFault.exe	378
4068	1624	WerFault.exe	392
3508	312	WerFault.exe	397
4896	376	WerFault.exe	396
5060	1856	WerFault.exe	407
2692	2936	WerFault.exe	421
4464	1076	WerFault.exe	436
2028	5064	WerFault.exe	435
4632	4616	WerFault.exe	450
1132	3604	WerFault.exe	462
4460	4820	WerFault.exe	463
2232	5020	WerFault.exe	473
4864	3024	WerFault.exe	488
1892	2840	WerFault.exe	504
2576	3244	WerFault.exe	514
2420	1568	WerFault.exe	500
2112	4988	WerFault.exe	529
3736	4828	WerFault.exe	536
2092	2304	WerFault.exe	542
3188	4640	WerFault.exe	550
3444	856	WerFault.exe	566
2516	4468	WerFault.exe	563
4276	4056	WerFault.exe	579
3312	464	WerFault.exe	593
2784	3660	WerFault.exe	595
4016	1044	WerFault.exe	603
1388	3724	WerFault.exe	619
4188	2832	WerFault.exe	627
4740	1596	WerFault.exe	624
4084	1760	WerFault.exe	638
2124	5056	WerFault.exe	661
852	4092	WerFault.exe	665

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 3608	1552	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	82
PID 1552 wrote to memory of 3608	1552	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	82
PID 1552 wrote to memory of 3608	1552	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	82
PID 1552 wrote to memory of 3608	1552	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	82
PID 3608 wrote to memory of 4032	3608	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	84
PID 3608 wrote to memory of 4032	3608	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	84
PID 3608 wrote to memory of 4032	3608	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	84
PID 3608 wrote to memory of 4032	3608	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	84
PID 4032 wrote to memory of 3600	4032	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	85
PID 4032 wrote to memory of 3600	4032	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	85
PID 4032 wrote to memory of 3600	4032	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	85
PID 4032 wrote to memory of 3600	4032	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	85
PID 3600 wrote to memory of 3264	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	86
PID 3600 wrote to memory of 3264	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	86
PID 3600 wrote to memory of 3264	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	86
PID 3600 wrote to memory of 3264	3600	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	86
PID 3264 wrote to memory of 1892	3264	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	87
PID 3264 wrote to memory of 1892	3264	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	87
PID 3264 wrote to memory of 1892	3264	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	87
PID 3264 wrote to memory of 1892	3264	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	87
PID 1892 wrote to memory of 4880	1892	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	88
PID 1892 wrote to memory of 4880	1892	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	88
PID 1892 wrote to memory of 4880	1892	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	88
PID 1892 wrote to memory of 4880	1892	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	88
PID 4880 wrote to memory of 3732	4880	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	92
PID 4880 wrote to memory of 3732	4880	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	92
PID 4880 wrote to memory of 3732	4880	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	92
PID 4880 wrote to memory of 3732	4880	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	92
PID 3732 wrote to memory of 4896	3732	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	97
PID 3732 wrote to memory of 4896	3732	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	97
PID 3732 wrote to memory of 4896	3732	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	97
PID 3732 wrote to memory of 4896	3732	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	97
PID 4896 wrote to memory of 3960	4896	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	98
PID 4896 wrote to memory of 3960	4896	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	98
PID 4896 wrote to memory of 3960	4896	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	98
PID 4896 wrote to memory of 3960	4896	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	98
PID 3960 wrote to memory of 2936	3960	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	100
PID 3960 wrote to memory of 2936	3960	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	100
PID 3960 wrote to memory of 2936	3960	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	100
PID 3960 wrote to memory of 2936	3960	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	100
PID 2936 wrote to memory of 3076	2936	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	102
PID 2936 wrote to memory of 3076	2936	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	102
PID 2936 wrote to memory of 3076	2936	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	102
PID 2936 wrote to memory of 3076	2936	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	102
PID 3076 wrote to memory of 2356	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	104
PID 3076 wrote to memory of 2356	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	104
PID 3076 wrote to memory of 2356	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	104
PID 3076 wrote to memory of 2356	3076	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	104
PID 2356 wrote to memory of 2668	2356	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	105
PID 2356 wrote to memory of 2668	2356	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	105
PID 2356 wrote to memory of 2668	2356	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	105
PID 2356 wrote to memory of 2668	2356	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	105
PID 2668 wrote to memory of 2120	2668	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	107
PID 2668 wrote to memory of 2120	2668	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	107
PID 2668 wrote to memory of 2120	2668	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	107
PID 2668 wrote to memory of 2120	2668	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	107
PID 2120 wrote to memory of 2292	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	110
PID 2120 wrote to memory of 2292	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	110
PID 2120 wrote to memory of 2292	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	110
PID 2120 wrote to memory of 2292	2120	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	110
PID 2292 wrote to memory of 2104	2292	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	115
PID 2292 wrote to memory of 2104	2292	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	115
PID 2292 wrote to memory of 2104	2292	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	115
PID 2292 wrote to memory of 2104	2292	30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe	115

C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
  2⤵
  - Suspicious use of SetThreadContext
  - Suspicious use of WriteProcessMemory
  PID:3608
- - C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
    C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
    3⤵
    - Suspicious use of SetThreadContext
    - Suspicious use of WriteProcessMemory
    PID:4032
  - - C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
      C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
      4⤵
      Suspicious use of SetThreadContext
      Suspicious use of WriteProcessMemory
      PID:3600
    - - C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        5⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:3264
      - C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        6⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:1892
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        7⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        8⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        9⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        10⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        11⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        12⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        13⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        14⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        15⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        16⤵
        Suspicious use of SetThreadContext
        Suspicious use of WriteProcessMemory
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        17⤵
        Suspicious use of SetThreadContext
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        18⤵
        Suspicious use of SetThreadContext
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        19⤵
        Suspicious use of SetThreadContext
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        20⤵
        Suspicious use of SetThreadContext
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        21⤵
        Suspicious use of SetThreadContext
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        22⤵
        Suspicious use of SetThreadContext
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        23⤵
        Suspicious use of SetThreadContext
        
        PID:1192
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        24⤵
        Suspicious use of SetThreadContext
        
        PID:852
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        25⤵
        Suspicious use of SetThreadContext
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        26⤵
        Suspicious use of SetThreadContext
        
        PID:5048
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        27⤵
        Suspicious use of SetThreadContext
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        28⤵
        Suspicious use of SetThreadContext
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        29⤵
        Suspicious use of SetThreadContext
        
        PID:4220
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        30⤵
        Suspicious use of SetThreadContext
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        31⤵
        Suspicious use of SetThreadContext
        
        PID:4536
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        32⤵
        Suspicious use of SetThreadContext
        
        PID:3344
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        33⤵
        Suspicious use of SetThreadContext
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        34⤵
        Suspicious use of SetThreadContext
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        35⤵
        Suspicious use of SetThreadContext
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        36⤵
        Suspicious use of SetThreadContext
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        37⤵
        Suspicious use of SetThreadContext
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        38⤵
        Suspicious use of SetThreadContext
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        39⤵
        Suspicious use of SetThreadContext
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        40⤵
        Suspicious use of SetThreadContext
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        41⤵
        Suspicious use of SetThreadContext
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        42⤵
        Suspicious use of SetThreadContext
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        43⤵
        Suspicious use of SetThreadContext
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        44⤵
        Suspicious use of SetThreadContext
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        45⤵
        Suspicious use of SetThreadContext
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        46⤵
        Suspicious use of SetThreadContext
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        47⤵
        Suspicious use of SetThreadContext
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        48⤵
        Suspicious use of SetThreadContext
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        49⤵
        Suspicious use of SetThreadContext
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        50⤵
        Suspicious use of SetThreadContext
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        51⤵
        Suspicious use of SetThreadContext
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        52⤵
        Suspicious use of SetThreadContext
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        53⤵
        Suspicious use of SetThreadContext
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        54⤵
        Suspicious use of SetThreadContext
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        55⤵
        Suspicious use of SetThreadContext
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        56⤵
        Suspicious use of SetThreadContext
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        57⤵
        Suspicious use of SetThreadContext
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        58⤵
        Suspicious use of SetThreadContext
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        59⤵
        Suspicious use of SetThreadContext
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        60⤵
        Suspicious use of SetThreadContext
        
        PID:4252
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        61⤵
        Suspicious use of SetThreadContext
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        62⤵
        Suspicious use of SetThreadContext
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        63⤵
        Suspicious use of SetThreadContext
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        64⤵
        Suspicious use of SetThreadContext
        
        PID:324
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        65⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        66⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        67⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        68⤵
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        69⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        70⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        71⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        72⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        73⤵
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        74⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        75⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        76⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        77⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        78⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        79⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        80⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        81⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        82⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        83⤵
        
        PID:232
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        84⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        85⤵
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        86⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        87⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        88⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        89⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        90⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        91⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        92⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        93⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        94⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        95⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        96⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        97⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        98⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        99⤵
        
        PID:1892
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        100⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        101⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        102⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        103⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        104⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        105⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        106⤵
        
        PID:5048
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        107⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        108⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        109⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        110⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        111⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        112⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        113⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        114⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        115⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        116⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        117⤵
        
        PID:5076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        118⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        119⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        120⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        121⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        122⤵
        
        PID:4180
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        123⤵
        
        PID:3084
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        124⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        125⤵
        
        PID:988
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        126⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        127⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        128⤵
        
        PID:3356
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        129⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        130⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        131⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        132⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        133⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        134⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        135⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        136⤵
        
        PID:5108
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        137⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        138⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        139⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        140⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        141⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        142⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        143⤵
        
        PID:312
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        144⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        145⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        146⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        147⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        148⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        149⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        150⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        151⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        152⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        153⤵
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        154⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        155⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        156⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        157⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        158⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        159⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        160⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        161⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        162⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        163⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        164⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        165⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        166⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        167⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        168⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        169⤵
        
        PID:548
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        170⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        171⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        172⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        173⤵
        
        PID:4820
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        174⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        175⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        176⤵
        
        PID:4360
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        177⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        178⤵
        
        PID:4776
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        179⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        180⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        181⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        182⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        183⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        184⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        185⤵
        
        PID:3176
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        186⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        187⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        188⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        189⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        190⤵
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        191⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        192⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        193⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        194⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        195⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        196⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        197⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        198⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        199⤵
        
        PID:5104
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        200⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        201⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        202⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        203⤵
        
        PID:4328
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        204⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        205⤵
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        206⤵
        
        PID:468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        207⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        208⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        209⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        210⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        211⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        212⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        213⤵
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        214⤵
        
        PID:404
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        215⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        216⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        217⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        218⤵
        
        PID:3332
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        219⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        220⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        221⤵
        
        PID:5008
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        222⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        223⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        224⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        225⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        226⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        227⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        228⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        229⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        230⤵
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        231⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        232⤵
        
        PID:4156
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        233⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        234⤵
        
        PID:3112
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        235⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        236⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        237⤵
        
        PID:3168
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        238⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        239⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        240⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        241⤵
        
        PID:5104
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        242⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        243⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        244⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        245⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        246⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        247⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        248⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        249⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        250⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        251⤵
        
        PID:548
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        252⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        253⤵
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        254⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        255⤵
        
        PID:4220
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        256⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        257⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        258⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        259⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        260⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        261⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        262⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        263⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        264⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        265⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        266⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        267⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        268⤵
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        269⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        270⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        271⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        272⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        273⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        274⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        275⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        276⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        277⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        278⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        279⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        280⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        281⤵
        
        PID:3168
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        282⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        283⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        284⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        285⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        286⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        287⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        288⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        289⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        290⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        291⤵
        
        PID:4028
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        292⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        293⤵
        
        PID:404
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        294⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        295⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        296⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        297⤵
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        298⤵
        
        PID:632
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        299⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        300⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        301⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        302⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        303⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        304⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        305⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        306⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        307⤵
        
        PID:4252
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        308⤵
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        309⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        310⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        311⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        312⤵
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        313⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        314⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        315⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        316⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        317⤵
        
        PID:732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        318⤵
        
        PID:4436
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        319⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        320⤵
        
        PID:5104
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        321⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        322⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        323⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        324⤵
        
        PID:3344
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        325⤵
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        326⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        327⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        328⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        329⤵
        
        PID:656
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        330⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        331⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        332⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        333⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        334⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        335⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        336⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        337⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        338⤵
        
        PID:3980
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        339⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        340⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        341⤵
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        342⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        343⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        344⤵
        
        PID:4428
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        345⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        346⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        347⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        348⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        349⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        350⤵
        
        PID:5108
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        351⤵
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        352⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        353⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        354⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        355⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        356⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        357⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        358⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        359⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        360⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        361⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        362⤵
        
        PID:732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        363⤵
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        364⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        365⤵
        
        PID:4156
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        366⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        367⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        368⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        369⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        370⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        371⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        372⤵
        
        PID:4600
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        373⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        374⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        375⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        376⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        377⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        378⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        379⤵
        
        PID:988
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        380⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        381⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        382⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        383⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        384⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        385⤵
        
        PID:548
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        386⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        387⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        388⤵
        
        PID:1324
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        389⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        390⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        391⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        392⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        393⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        394⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        395⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        396⤵
        
        PID:4448
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        397⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        398⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        399⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        400⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        401⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        402⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        403⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        404⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        405⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        406⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        407⤵
        
        PID:4252
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        408⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        409⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        410⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        411⤵
        
        PID:4128
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        412⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        413⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        414⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        415⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        416⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        417⤵
        
        PID:3792
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        418⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        419⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        420⤵
        
        PID:4620
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        421⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        422⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        423⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        424⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        425⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        426⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        427⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        428⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        429⤵
        
        PID:4188
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        430⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        431⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        432⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        433⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        434⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        435⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        436⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        437⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        438⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        439⤵
        
        PID:740
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        440⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        441⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        442⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        443⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        444⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        445⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        446⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        447⤵
        
        PID:1404
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        448⤵
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        449⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        450⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        451⤵
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        452⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        453⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        454⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        455⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        456⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        457⤵
        
        PID:4028
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        458⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\30744fef2eb151a8f419b86c1ca56139_JaffaCakes118.exe
        459⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3448 -s 304
        454⤵
        
        PID:2936
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3732 -s 304
        447⤵
        
        PID:3356
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 432 -s 320
        445⤵
        
        PID:3868
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4884 -s 304
        441⤵
        
        PID:3716
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1076 -s 320
        439⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2008 -s 320
        429⤵
        
        PID:2176
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4452 -s 304
        428⤵
        
        PID:4776
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3188 -s 320
        427⤵
        
        PID:1188
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4056 -s 320
        419⤵
        
        PID:1120
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4128 -s 320
        412⤵
        
        PID:2712
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4224 -s 320
        411⤵
        
        PID:1992
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 312
        408⤵
        
        PID:1384
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4264 -s 308
        400⤵
        
        PID:2324
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4752 -s 308
        398⤵
        
        PID:3528
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4448 -s 304
        397⤵
        
        PID:4400
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4640 -s 320
        394⤵
        
        PID:3112
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3244 -s 304
        382⤵
        
        PID:4116
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3196 -s 320
        381⤵
        
        PID:528
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1816 -s 308
        377⤵
        
        PID:3724
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1964 -s 288
        371⤵
        
        PID:1788
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1856 -s 304
        367⤵
        
        PID:312
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4156 -s 320
        366⤵
        
        PID:824
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4056 -s 312
        360⤵
        
        PID:1284
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4796 -s 320
        357⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4996 -s 312
        349⤵
        
        PID:3960
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2172 -s 304
        347⤵
        
        PID:468
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3980 -s 308
        339⤵
        
        PID:1572
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2936 -s 304
        336⤵
        
        PID:540
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4460 -s 304
        328⤵
        
        PID:4112
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4116 -s 304
        326⤵
        
        PID:1120
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3344 -s 320
        325⤵
        
        PID:4656
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4736 -s 304
        320⤵
        
        PID:1536
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1956 -s 308
        310⤵
        
        PID:4488
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4844 -s 304
        309⤵
        
        PID:4000
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 320
        308⤵
        
        PID:1508
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 632 -s 304
        299⤵
        
        PID:3456
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 404 -s 304
        294⤵
        
        PID:2008
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4628 -s 308
        293⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1984 -s 312
        288⤵
        
        PID:4332
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3168 -s 324
        282⤵
        
        PID:3868
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1964 -s 316
        278⤵
        
        PID:2136
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4468 -s 320
        276⤵
        
        PID:4276
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2012 -s 320
        275⤵
        
        PID:2392
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5040 -s 320
        267⤵
        
        PID:5112
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4092 -s 304
        263⤵
        Program crash
        
        PID:852
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5056 -s 320
        261⤵
        Program crash
        
        PID:2124
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4264 -s 308
        260⤵
        
        PID:3272
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1760 -s 304
        251⤵
        Program crash
        
        PID:4084
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2832 -s 304
        246⤵
        Program crash
        
        PID:4188
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1596 -s 320
        245⤵
        Program crash
        
        PID:4740
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3724 -s 304
        243⤵
        Program crash
        
        PID:1388
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1044 -s 304
        236⤵
        Program crash
        
        PID:4016
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3660 -s 320
        232⤵
        Program crash
        
        PID:2784
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 464 -s 320
        231⤵
        Program crash
        
        PID:3312
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4056 -s 304
        226⤵
        Program crash
        
        PID:4276
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 856 -s 304
        220⤵
        Program crash
        
        PID:3444
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4468 -s 304
        218⤵
        Program crash
        
        PID:2516
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4640 -s 316
        212⤵
        Program crash
        
        PID:3188
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2304 -s 320
        208⤵
        Program crash
        
        PID:2092
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 304
        206⤵
        Program crash
        
        PID:3736
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4988 -s 320
        203⤵
        Program crash
        
        PID:2112
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3244 -s 308
        196⤵
        Program crash
        
        PID:2576
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2840 -s 304
        192⤵
        Program crash
        
        PID:1892
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1568 -s 304
        190⤵
        Program crash
        
        PID:2420
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3024 -s 308
        185⤵
        Program crash
        
        PID:4864
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5020 -s 304
        178⤵
        Program crash
        
        PID:2232
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4820 -s 184
        174⤵
        Program crash
        
        PID:4460
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 304
        173⤵
        Program crash
        
        PID:1132
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4616 -s 320
        167⤵
        Program crash
        
        PID:4632
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1076 -s 320
        162⤵
        Program crash
        
        PID:4464
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5064 -s 288
        161⤵
        Program crash
        
        PID:2028
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2936 -s 308
        155⤵
        Program crash
        
        PID:2692
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1856 -s 304
        148⤵
        Program crash
        
        PID:5060
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 312 -s 320
        144⤵
        Program crash
        
        PID:3508
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 376 -s 320
        143⤵
        Program crash
        
        PID:4896
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1624 -s 320
        141⤵
        Program crash
        
        PID:4068
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4664 -s 320
        136⤵
        Program crash
        
        PID:432
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2496 -s 304
        133⤵
        Program crash
        
        PID:4128
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4092 -s 320
        130⤵
        Program crash
        
        PID:3264
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3356 -s 320
        129⤵
        Program crash
        
        PID:5008
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2356 -s 308
        119⤵
        Program crash
        
        PID:1404
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5076 -s 304
        118⤵
        Program crash
        
        PID:3384
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2552 -s 288
        111⤵
        Program crash
        
        PID:1700
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3868 -s 308
        110⤵
        Program crash
        
        PID:384
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4160 -s 296
        103⤵
        Program crash
        
        PID:3312
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1892 -s 304
        100⤵
        Program crash
        
        PID:2776
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4864 -s 304
        91⤵
        Program crash
        
        PID:1568
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3960 -s 288
        90⤵
        Program crash
        
        PID:1984
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1132 -s 304
        82⤵
        Program crash
        
        PID:4628
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2668 -s 320
        81⤵
        Program crash
        
        PID:4776
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 528 -s 304
        73⤵
        Program crash
        
        PID:740
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4496 -s 304
        72⤵
        Program crash
        
        PID:872
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 324 -s 304
        65⤵
        Program crash
        
        PID:4364
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4488 -s 304
        64⤵
        Program crash
        
        PID:4480
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 316
        61⤵
        Program crash
        
        PID:1400
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1048 -s 320
        55⤵
        Program crash
        
        PID:4192
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3416 -s 308
        52⤵
        Program crash
        
        PID:4948
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2120 -s 320
        49⤵
        Program crash
        
        PID:4188
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3024 -s 308
        41⤵
        Program crash
        
        PID:1536
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4072 -s 288
        40⤵
        Program crash
        
        PID:824
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2784 -s 304
        34⤵
        Program crash
        
        PID:3140
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3796 -s 304
        28⤵
        Program crash
        
        PID:1044
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 5048 -s 308
        27⤵
        Program crash
        
        PID:696
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 852 -s 304
        25⤵
        Program crash
        
        PID:3176
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1192 -s 304
        24⤵
        Program crash
        
        PID:3104
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 4880 -s 304
        8⤵
        Program crash
        
        PID:3192
      - C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 3264 -s 320
        6⤵
        Program crash
        
        PID:3108
  - - C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4032 -s 304
      4⤵
      Program crash
      PID:848
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 3608 -s 308
    3⤵
    - Program crash
    PID:4788

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 4032 -ip 4032
1⤵
PID:2580

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3608 -ip 3608
1⤵
PID:2716

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 1552 -ip 1552
1⤵
PID:2800

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3600 -ip 3600
1⤵
PID:3972

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3264 -ip 3264
1⤵
PID:1984

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 1892 -ip 1892
1⤵
PID:3712

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 4880 -ip 4880
1⤵
PID:4968

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3732 -ip 3732
1⤵
PID:4112

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4896 -ip 4896
1⤵
PID:4844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 600 -p 3960 -ip 3960
1⤵
PID:4156

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 2936 -ip 2936
1⤵
PID:1812

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3076 -ip 3076
1⤵
PID:824

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2356 -ip 2356
1⤵
PID:3944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 2668 -ip 2668
1⤵
PID:740

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 2120 -ip 2120
1⤵
PID:2780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 612 -p 2292 -ip 2292
1⤵
PID:1360

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 2104 -ip 2104
1⤵
PID:1568

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 2576 -ip 2576
1⤵
PID:3892

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 1740 -ip 1740
1⤵
PID:4476

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 3876 -ip 3876
1⤵
PID:3416

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 2360 -ip 2360
1⤵
PID:4180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3096 -ip 3096
1⤵
PID:1540

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 1192 -ip 1192
1⤵
PID:2496

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 852 -ip 852
1⤵
PID:1124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 4784 -ip 4784
1⤵
PID:2844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 5048 -ip 5048
1⤵
PID:4028

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3796 -ip 3796
1⤵
PID:2704

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 4828 -ip 4828
1⤵
PID:1896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 4220 -ip 4220
1⤵
PID:4384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 1400 -ip 1400
1⤵
PID:516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4536 -ip 4536
1⤵
PID:1676

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 640 -p 3344 -ip 3344
1⤵
PID:4448

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 2784 -ip 2784
1⤵
PID:4668

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 5012 -ip 5012
1⤵
PID:4320

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 528 -ip 528
1⤵
PID:2124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 2384 -ip 2384
1⤵
PID:448

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 1556 -ip 1556
1⤵
PID:3972

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 5096 -ip 5096
1⤵
PID:2064

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 4072 -ip 4072
1⤵
PID:4896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 3024 -ip 3024
1⤵
PID:4044

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 904 -ip 904
1⤵
PID:3820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 4076 -ip 4076
1⤵
PID:1700

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 464 -ip 464
1⤵
PID:1620

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 2916 -ip 2916
1⤵
PID:5060

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 4092 -ip 4092
1⤵
PID:1860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3076 -ip 3076
1⤵
PID:4056

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 2568 -ip 2568
1⤵
PID:3244

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 2120 -ip 2120
1⤵
PID:3152

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 3716 -ip 3716
1⤵
PID:5108

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 4976 -ip 4976
1⤵
PID:3876

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 3416 -ip 3416
1⤵
PID:640

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 996 -ip 996
1⤵
PID:1388

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 2832 -ip 2832
1⤵
PID:3216

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 1048 -ip 1048
1⤵
PID:3156

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 2300 -ip 2300
1⤵
PID:1368

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 848 -ip 848
1⤵
PID:1448

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 3600 -ip 3600
1⤵
PID:4464

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 3020 -ip 3020
1⤵
PID:4520

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 560 -ip 560
1⤵
PID:4444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 4252 -ip 4252
1⤵
PID:1892

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 5100 -ip 5100
1⤵
PID:4664

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 1632 -ip 1632
1⤵
PID:1036

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 708 -p 4488 -ip 4488
1⤵
PID:2016

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 324 -ip 324
1⤵
PID:4324

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 1012 -ip 1012
1⤵
PID:4820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 1712 -ip 1712
1⤵
PID:1844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 1972 -ip 1972
1⤵
PID:4052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 696 -ip 696
1⤵
PID:4392

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 2552 -ip 2552
1⤵
PID:2520

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2508 -ip 2508
1⤵
PID:4016

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 4496 -ip 4496
1⤵
PID:216

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 528 -ip 528
1⤵
PID:1976

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 1572 -ip 1572
1⤵
PID:860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3440 -ip 3440
1⤵
PID:4348

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 1616 -ip 1616
1⤵
PID:540

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4184 -ip 4184
1⤵
PID:3004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 2448 -ip 2448
1⤵
PID:3504

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 700 -p 1668 -ip 1668
1⤵
PID:3944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 2800 -ip 2800
1⤵
PID:3980

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2668 -ip 2668
1⤵
PID:4352

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 1132 -ip 1132
1⤵
PID:4716

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 4980 -ip 4980
1⤵
PID:3780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 232 -ip 232
1⤵
PID:4328

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3348 -ip 3348
1⤵
PID:4796

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 4828 -ip 4828
1⤵
PID:3384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 1548 -ip 1548
1⤵
PID:2784

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 4532 -ip 4532
1⤵
PID:3216

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 116 -ip 116
1⤵
PID:2832

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3960 -ip 3960
1⤵
PID:2504

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4864 -ip 4864
1⤵
PID:4740

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2840 -ip 2840
1⤵
PID:4472

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 736 -ip 736
1⤵
PID:764

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5084 -ip 5084
1⤵
PID:1756

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 848 -ip 848
1⤵
PID:4664

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 2468 -ip 2468
1⤵
PID:2160

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 2524 -ip 2524
1⤵
PID:1036

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 4900 -ip 4900
1⤵
PID:4388

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 1532 -ip 1532
1⤵
PID:1124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 1892 -ip 1892
1⤵
PID:1180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 1632 -ip 1632
1⤵
PID:4724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 412 -ip 412
1⤵
PID:4672

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 4160 -ip 4160
1⤵
PID:4736

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 1676 -ip 1676
1⤵
PID:3344

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4200 -ip 4200
1⤵
PID:1972

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 1500 -ip 1500
1⤵
PID:3688

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 5048 -ip 5048
1⤵
PID:4656

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 3972 -ip 3972
1⤵
PID:2844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 2712 -ip 2712
1⤵
PID:1400

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2552 -ip 2552
1⤵
PID:1976

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 612 -p 3868 -ip 3868
1⤵
PID:852

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 3736 -ip 3736
1⤵
PID:2976

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 1468 -ip 1468
1⤵
PID:4112

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 952 -ip 952
1⤵
PID:3440

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4652 -ip 4652
1⤵
PID:3504

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 3056 -ip 3056
1⤵
PID:1252

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1860 -ip 1860
1⤵
PID:4156

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 5076 -ip 5076
1⤵
PID:1724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 2356 -ip 2356
1⤵
PID:4488

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 960 -ip 960
1⤵
PID:3956

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 4384 -ip 4384
1⤵
PID:748

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 2916 -ip 2916
1⤵
PID:2692

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 4180 -ip 4180
1⤵
PID:2784

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3084 -ip 3084
1⤵
PID:4124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4400 -ip 4400
1⤵
PID:3608

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 988 -ip 988
1⤵
PID:4808

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 3096 -ip 3096
1⤵
PID:4616

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 5056 -ip 5056
1⤵
PID:2360

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 3356 -ip 3356
1⤵
PID:4496

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 4092 -ip 4092
1⤵
PID:3600

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 3804 -ip 3804
1⤵
PID:728

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 1552 -ip 1552
1⤵
PID:4472

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 2496 -ip 2496
1⤵
PID:5084

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 3764 -ip 3764
1⤵
PID:1036

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 3732 -ip 3732
1⤵
PID:2088

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 4664 -ip 4664
1⤵
PID:2352

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 5108 -ip 5108
1⤵
PID:3328

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 4832 -ip 4832
1⤵
PID:4116

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 644 -ip 644
1⤵
PID:4164

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 1532 -ip 1532
1⤵
PID:4980

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 1624 -ip 1624
1⤵
PID:4460

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 5112 -ip 5112
1⤵
PID:1612

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 376 -ip 376
1⤵
PID:4304

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 312 -ip 312
1⤵
PID:1764

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 640 -p 4200 -ip 4200
1⤵
PID:3176

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 2844 -ip 2844
1⤵
PID:2520

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 896 -ip 896
1⤵
PID:3316

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 1856 -ip 1856
1⤵
PID:1812

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 1400 -ip 1400
1⤵
PID:2516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 2840 -ip 2840
1⤵
PID:3444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 3960 -ip 3960
1⤵
PID:4132

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 5096 -ip 5096
1⤵
PID:2780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3440 -ip 3440
1⤵
PID:1820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 544 -ip 544
1⤵
PID:3272

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 612 -p 2936 -ip 2936
1⤵
PID:3660

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 744 -p 1996 -ip 1996
1⤵
PID:4716

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 4652 -ip 4652
1⤵
PID:1044

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 3416 -ip 3416
1⤵
PID:1860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 1752 -ip 1752
1⤵
PID:4796

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 348 -ip 348
1⤵
PID:4612

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 5064 -ip 5064
1⤵
PID:640

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 1076 -ip 1076
1⤵
PID:2576

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 2296 -ip 2296
1⤵
PID:5088

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 5024 -ip 5024
1⤵
PID:4584

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 1536 -ip 1536
1⤵
PID:4828

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 728 -p 5012 -ip 5012
1⤵
PID:1324

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 4616 -ip 4616
1⤵
PID:904

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 1228 -ip 1228
1⤵
PID:4496

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2040 -ip 2040
1⤵
PID:4472

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 728 -p 548 -ip 548
1⤵
PID:3804

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 736 -ip 736
1⤵
PID:1744

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 1760 -ip 1760
1⤵
PID:3320

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 3604 -ip 3604
1⤵
PID:2092

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 4820 -ip 4820
1⤵
PID:2668

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 3384 -ip 3384
1⤵
PID:3908

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 2088 -ip 2088
1⤵
PID:1124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 700 -p 4360 -ip 4360
1⤵
PID:3332

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 5020 -ip 5020
1⤵
PID:3872

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 4776 -ip 4776
1⤵
PID:1552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 4948 -ip 4948
1⤵
PID:5008

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 744 -p 3264 -ip 3264
1⤵
PID:5052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 4056 -ip 4056
1⤵
PID:696

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3216 -ip 3216
1⤵
PID:1840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 728 -p 4092 -ip 4092
1⤵
PID:2484

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 3024 -ip 3024
1⤵
PID:4052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 3176 -ip 3176
1⤵
PID:3344

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 3448 -ip 3448
1⤵
PID:5108

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 708 -p 1040 -ip 1040
1⤵
PID:1192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 432 -ip 432
1⤵
PID:4884

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1568 -ip 1568
1⤵
PID:2392

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 4712 -ip 4712
1⤵
PID:5096

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2840 -ip 2840
1⤵
PID:4136

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1468 -ip 1468
1⤵
PID:3716

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 2192 -ip 2192
1⤵
PID:4224

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 2468 -ip 2468
1⤵
PID:4420

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 640 -p 3244 -ip 3244
1⤵
PID:380

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4384 -ip 4384
1⤵
PID:536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 4976 -ip 4976
1⤵
PID:4736

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3956 -ip 3956
1⤵
PID:376

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 5104 -ip 5104
1⤵
PID:2960

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 1972 -ip 1972
1⤵
PID:3892

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 4124 -ip 4124
1⤵
PID:1336

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 4988 -ip 4988
1⤵
PID:3504

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4328 -ip 4328
1⤵
PID:5100

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 4584 -ip 4584
1⤵
PID:3096

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4828 -ip 4828
1⤵
PID:2384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 468 -ip 468
1⤵
PID:740

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 2304 -ip 2304
1⤵
PID:728

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 4472 -ip 4472
1⤵
PID:1744

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 1012 -ip 1012
1⤵
PID:3876

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 944 -ip 944
1⤵
PID:1996

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4640 -ip 4640
1⤵
PID:2936

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 2292 -ip 2292
1⤵
PID:3868

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 4480 -ip 4480
1⤵
PID:2668

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 404 -ip 404
1⤵
PID:5076

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 412 -ip 412
1⤵
PID:1552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4832 -ip 4832
1⤵
PID:3356

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 4468 -ip 4468
1⤵
PID:4192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3332 -ip 3332
1⤵
PID:3180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 708 -p 856 -ip 856
1⤵
PID:5052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 4996 -ip 4996
1⤵
PID:4948

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 5008 -ip 5008
1⤵
PID:1764

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 744 -p 2544 -ip 2544
1⤵
PID:4616

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 4900 -ip 4900
1⤵
PID:5108

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 216 -ip 216
1⤵
PID:2980

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 4056 -ip 4056
1⤵
PID:4444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 212 -ip 212
1⤵
PID:3192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3764 -ip 3764
1⤵
PID:1976

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 540 -ip 540
1⤵
PID:1132

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 892 -ip 892
1⤵
PID:4880

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 464 -ip 464
1⤵
PID:4820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 3660 -ip 3660
1⤵
PID:1148

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4156 -ip 4156
1⤵
PID:5112

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 2800 -ip 2800
1⤵
PID:1508

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 708 -p 3112 -ip 3112
1⤵
PID:536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 1044 -ip 1044
1⤵
PID:2468

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 380 -ip 380
1⤵
PID:1860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 744 -p 3168 -ip 3168
1⤵
PID:2960

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 4796 -ip 4796
1⤵
PID:4896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3784 -ip 3784
1⤵
PID:4076

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 696 -p 3528 -ip 3528
1⤵
PID:1488

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 5104 -ip 5104
1⤵
PID:2064

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3724 -ip 3724
1⤵
PID:4800

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 3932 -ip 3932
1⤵
PID:232

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 744 -p 1596 -ip 1596
1⤵
PID:3104

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 2832 -ip 2832
1⤵
PID:1940

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 3796 -ip 3796
1⤵
PID:4788

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4496 -ip 4496
1⤵
PID:4476

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3316 -ip 3316
1⤵
PID:1996

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 3732 -ip 3732
1⤵
PID:2364

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 680 -p 1760 -ip 1760
1⤵
PID:1124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 548 -ip 548
1⤵
PID:5064

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3368 -ip 3368
1⤵
PID:4628

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2160 -ip 2160
1⤵
PID:3980

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 3244 -ip 3244
1⤵
PID:696

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 4220 -ip 4220
1⤵
PID:2484

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 1756 -ip 1756
1⤵
PID:4328

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 4832 -ip 4832
1⤵
PID:4988

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 2460 -ip 2460
1⤵
PID:3180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 4264 -ip 4264
1⤵
PID:2524

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 5056 -ip 5056
1⤵
PID:4536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 2520 -ip 2520
1⤵
PID:4388

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 4092 -ip 4092
1⤵
PID:1272

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 1500 -ip 1500
1⤵
PID:3192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 3216 -ip 3216
1⤵
PID:436

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 4472 -ip 4472
1⤵
PID:540

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 5040 -ip 5040
1⤵
PID:4252

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 952 -ip 952
1⤵
PID:3872

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 544 -ip 544
1⤵
PID:1708

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 1284 -ip 1284
1⤵
PID:2480

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 5068 -ip 5068
1⤵
PID:1660

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 3384 -ip 3384
1⤵
PID:2516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 4488 -ip 4488
1⤵
PID:2468

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 796 -ip 796
1⤵
PID:3944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 2012 -ip 2012
1⤵
PID:5004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 636 -p 4468 -ip 4468
1⤵
PID:2840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 536 -ip 536
1⤵
PID:1468

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 1964 -ip 1964
1⤵
PID:4796

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 1120 -ip 1120
1⤵
PID:2404

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 4068 -ip 4068
1⤵
PID:1892

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 116 -ip 116
1⤵
PID:4132

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 3168 -ip 3168
1⤵
PID:464

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 2592 -ip 2592
1⤵
PID:2192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 4124 -ip 4124
1⤵
PID:2704

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 5084 -ip 5084
1⤵
PID:4476

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 3600 -ip 3600
1⤵
PID:528

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 2420 -ip 2420
1⤵
PID:4016

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 752 -p 1984 -ip 1984
1⤵
PID:4656

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 728 -ip 728
1⤵
PID:1896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 2936 -ip 2936
1⤵
PID:384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 768 -p 2668 -ip 2668
1⤵
PID:1840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4028 -ip 4028
1⤵
PID:3076

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 780 -p 4628 -ip 4628
1⤵
PID:3356

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 404 -ip 404
1⤵
PID:1384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 560 -ip 560
1⤵
PID:2160

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 1816 -ip 1816
1⤵
PID:5052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1700 -ip 1700
1⤵
PID:2552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 4320 -ip 4320
1⤵
PID:3540

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 632 -ip 632
1⤵
PID:3724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 1712 -ip 1712
1⤵
PID:4740

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 4560 -ip 4560
1⤵
PID:1596

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 776 -p 3932 -ip 3932
1⤵
PID:3156

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 2092 -ip 2092
1⤵
PID:4444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 784 -p 1400 -ip 1400
1⤵
PID:3720

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 5096 -ip 5096
1⤵
PID:3444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 1200 -ip 1200
1⤵
PID:1760

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3020 -ip 3020
1⤵
PID:4820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4252 -ip 4252
1⤵
PID:4724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4844 -ip 4844
1⤵
PID:4640

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 1956 -ip 1956
1⤵
PID:3688

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 784 -p 4604 -ip 4604
1⤵
PID:2800

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3024 -ip 3024
1⤵
PID:4352

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 948 -ip 948
1⤵
PID:3944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 636 -p 2468 -ip 2468
1⤵
PID:1188

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 1860 -ip 1860
1⤵
PID:2780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 1944 -ip 1944
1⤵
PID:4588

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 792 -p 4264 -ip 4264
1⤵
PID:1468

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 732 -ip 732
1⤵
PID:3504

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4736 -ip 4736
1⤵
PID:2384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 5104 -ip 5104
1⤵
PID:1884

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 4436 -ip 4436
1⤵
PID:952

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 2348 -ip 2348
1⤵
PID:4968

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 792 -p 432 -ip 432
1⤵
PID:1620

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 1616 -ip 1616
1⤵
PID:2860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 3344 -ip 3344
1⤵
PID:1044

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 4116 -ip 4116
1⤵
PID:3600

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 2360 -ip 2360
1⤵
PID:4304

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 4460 -ip 4460
1⤵
PID:1820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 756 -p 1696 -ip 1696
1⤵
PID:3820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 764 -p 656 -ip 656
1⤵
PID:384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3956 -ip 3956
1⤵
PID:4384

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4160 -ip 4160
1⤵
PID:2364

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 4612 -ip 4612
1⤵
PID:4632

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 620 -p 1368 -ip 1368
1⤵
PID:2120

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 748 -ip 748
1⤵
PID:1700

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 728 -p 2936 -ip 2936
1⤵
PID:988

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 2088 -ip 2088
1⤵
PID:3804

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 712 -p 2552 -ip 2552
1⤵
PID:2652

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 3980 -ip 3980
1⤵
PID:4816

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 4524 -ip 4524
1⤵
PID:4584

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 4596 -ip 4596
1⤵
PID:4164

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 4320 -ip 4320
1⤵
PID:452

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3192 -ip 3192
1⤵
PID:3536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 2104 -ip 2104
1⤵
PID:4388

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 4428 -ip 4428
1⤵
PID:2820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 1552 -ip 1552
1⤵
PID:3004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 2172 -ip 2172
1⤵
PID:3104

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 4456 -ip 4456
1⤵
PID:4360

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 4996 -ip 4996
1⤵
PID:1668

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 776 -p 1336 -ip 1336
1⤵
PID:2484

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 5108 -ip 5108
1⤵
PID:2176

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 756 -p 696 -ip 696
1⤵
PID:3480

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 1132 -ip 1132
1⤵
PID:1632

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 716 -p 2800 -ip 2800
1⤵
PID:2468

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 1252 -ip 1252
1⤵
PID:4776

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 632 -p 5056 -ip 5056
1⤵
PID:2960

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 4796 -ip 4796
1⤵
PID:4516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 1488 -ip 1488
1⤵
PID:3456

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 768 -p 1944 -ip 1944
1⤵
PID:4900

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 756 -p 4056 -ip 4056
1⤵
PID:952

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 1844 -ip 1844
1⤵
PID:2556

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 780 -p 116 -ip 116
1⤵
PID:1812

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 732 -ip 732
1⤵
PID:1744

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 2704 -ip 2704
1⤵
PID:1180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 800 -p 828 -ip 828
1⤵
PID:4788

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 764 -p 4156 -ip 4156
1⤵
PID:3368

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1856 -ip 1856
1⤵
PID:3732

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 3040 -ip 3040
1⤵
PID:380

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 756 -p 3892 -ip 3892
1⤵
PID:1612

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 772 -p 3716 -ip 3716
1⤵
PID:4832

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 1964 -ip 1964
1⤵
PID:3956

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 1996 -ip 1996
1⤵
PID:3356

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 776 -p 4600 -ip 4600
1⤵
PID:4028

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 760 -p 1992 -ip 1992
1⤵
PID:3540

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4032 -ip 4032
1⤵
PID:1952

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 772 -p 2832 -ip 2832
1⤵
PID:1596

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 756 -p 1816 -ip 1816
1⤵
PID:2036

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 2652 -ip 2652
1⤵
PID:1752

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 760 -p 848 -ip 848
1⤵
PID:1400

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 764 -p 988 -ip 988
1⤵
PID:452

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 800 -p 3196 -ip 3196
1⤵
PID:2692

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 776 -p 3244 -ip 3244
1⤵
PID:3536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 784 -p 4812 -ip 4812
1⤵
PID:1248

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 4388 -ip 4388
1⤵
PID:4428

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 800 -p 3628 -ip 3628
1⤵
PID:3020

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 548 -ip 548
1⤵
PID:1448

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 780 -p 2424 -ip 2424
1⤵
PID:1708

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 676 -p 3140 -ip 3140
1⤵
PID:1552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1324 -ip 1324
1⤵
PID:2232

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 3320 -ip 3320
1⤵
PID:560

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 764 -p 1668 -ip 1668
1⤵
PID:4664

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 792 -p 4784 -ip 4784
1⤵
PID:4076

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 628 -p 4616 -ip 4616
1⤵
PID:3416

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 4640 -ip 4640
1⤵
PID:1132

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 724 -p 3944 -ip 3944
1⤵
PID:2840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 732 -p 4864 -ip 4864
1⤵
PID:4884

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4448 -ip 4448
1⤵
PID:4724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4752 -ip 4752
1⤵
PID:2432

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 2088 -ip 2088
1⤵
PID:1888

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 796 -p 4264 -ip 4264
1⤵
PID:5112

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 1944 -ip 1944
1⤵
PID:1180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 768 -p 4456 -ip 4456
1⤵
PID:1472

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 4000 -ip 4000
1⤵
PID:4984

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3532 -ip 3532
1⤵
PID:4476

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 796 -p 5024 -ip 5024
1⤵
PID:3508

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 216 -ip 216
1⤵
PID:3732

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 1012 -ip 1012
1⤵
PID:3980

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 644 -p 4252 -ip 4252
1⤵
PID:1840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 728 -ip 728
1⤵
PID:1612

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 808 -p 2044 -ip 2044
1⤵
PID:4180

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 768 -p 4224 -ip 4224
1⤵
PID:348

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 4128 -ip 4128
1⤵
PID:2680

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 828 -p 4068 -ip 4068
1⤵
PID:4124

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 844 -p 4172 -ip 4172
1⤵
PID:1952

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 944 -ip 944
1⤵
PID:1972

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 624 -p 896 -ip 896
1⤵
PID:4220

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 796 -p 1536 -ip 1536
1⤵
PID:2064

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3792 -ip 3792
1⤵
PID:2832

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 740 -p 4056 -ip 4056
1⤵
PID:312

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 820 -p 4636 -ip 4636
1⤵
PID:2108

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 4620 -ip 4620
1⤵
PID:4560

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 808 -p 3972 -ip 3972
1⤵
PID:4192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 788 -p 2304 -ip 2304
1⤵
PID:2916

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 816 -p 4392 -ip 4392
1⤵
PID:1552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4376 -ip 4376
1⤵
PID:4592

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 888 -p 3004 -ip 3004
1⤵
PID:1660

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 824 -p 3188 -ip 3188
1⤵
PID:2104

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 848 -p 4452 -ip 4452
1⤵
PID:2780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 852 -p 2008 -ip 2008
1⤵
PID:1252

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 876 -p 4188 -ip 4188
1⤵
PID:1000

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 852 -p 2468 -ip 2468
1⤵
PID:3024

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 796 -p 1228 -ip 1228
1⤵
PID:2520

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 848 -p 1548 -ip 1548
1⤵
PID:3456

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 748 -p 376 -ip 376
1⤵
PID:3332

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 876 -p 1996 -ip 1996
1⤵
PID:2544

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 888 -p 892 -ip 892
1⤵
PID:1712

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 772 -p 3216 -ip 3216
1⤵
PID:2820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 896 -p 5088 -ip 5088
1⤵
PID:4900

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 796 -p 1076 -ip 1076
1⤵
PID:4348

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 912 -p 740 -ip 740
1⤵
PID:4488

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 872 -p 4884 -ip 4884
1⤵
PID:1544

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 884 -p 3244 -ip 3244
1⤵
PID:516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 924 -p 1472 -ip 1472
1⤵
PID:2420

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 912 -p 4864 -ip 4864
1⤵
PID:3508

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 432 -ip 432
1⤵
PID:3152

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 760 -p 5064 -ip 5064
1⤵
PID:412

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 932 -p 3732 -ip 3732
1⤵
PID:3688

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 704 -p 1404 -ip 1404
1⤵
PID:4600

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 848 -p 4844 -ip 4844
1⤵
PID:4400

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 852 -p 2480 -ip 2480
1⤵
PID:4832

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 736 -p 4520 -ip 4520
1⤵
PID:3200

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2704 -ip 2704
1⤵
PID:2392

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 924 -p 1724 -ip 1724
1⤵
PID:2120

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 928 -p 3448 -ip 3448
1⤵
PID:4632

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 944 -p 2448 -ip 2448
1⤵
PID:1680

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 852 -p 4172 -ip 4172
1⤵
PID:3440

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1844 -ip 1844
1⤵
PID:988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/464-39-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/528-31-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/560-54-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/696-63-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/848-51-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/852-35-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/904-36-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/996-47-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1012-59-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1192-34-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1400-24-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1552-4-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1556-32-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1632-57-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1712-61-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1740-15-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1892-2-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/1972-62-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2104-11-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2120-60-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2120-9-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2292-12-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2300-50-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2356-10-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2360-16-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2384-30-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2568-42-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2576-13-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2668-8-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2784-46-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2832-48-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2916-40-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/2936-6-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3020-53-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3024-49-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3076-41-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3076-7-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3096-17-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3264-22-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3344-28-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3416-58-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3600-52-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3600-0-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3608-20-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3716-44-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3732-3-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3796-43-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3876-14-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/3960-5-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4032-18-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4072-55-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4076-37-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4092-38-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4220-25-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4536-26-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4784-21-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4828-23-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4880-19-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4896-1-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/4976-45-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/5012-29-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/5048-27-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/5096-33-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download
memory/5100-56-0x0000000019140000-0x0000000019150000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads