01b1660c2dc01835577a260b5800fbb77583e48139ed81a2b15fa31906f1949a

Analysis

max time kernel
124s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2024, 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll
Size

97KB
MD5

377337ea24561a8ebdbd56526bb15770
SHA1

53d11d17700e83aaf78f161301c9cdc420d7f8ea
SHA256

01b1660c2dc01835577a260b5800fbb77583e48139ed81a2b15fa31906f1949a
SHA512

a506cbee92194b2d0a8d44ad1a595dee76b1d6d232574de9c8d20acbb2cc7c6882709a429a0a3206774b9f7b5822de6a41fa4f87deb3e90ba2c4430c9927507c
SSDEEP

1536:WFCNy6vQjcIGcE+X1Vgme1tbLlvVXWCF7jMCJAY/2sXTHUDHMBnOh9Vt1uW:hczcg1+ZJvVGEjPA+2s6HduW

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	17264	dwm.exe
Token: SeChangeNotifyPrivilege	17264	dwm.exe
Token: 33	17264	dwm.exe
Token: SeIncBasePriorityPrivilege	17264	dwm.exe
Token: SeShutdownPrivilege	17264	dwm.exe
Token: SeCreatePagefilePrivilege	17264	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3008 wrote to memory of 5116	3008	rundll32.exe	84
PID 3008 wrote to memory of 5116	3008	rundll32.exe	84
PID 3008 wrote to memory of 5116	3008	rundll32.exe	84
PID 5116 wrote to memory of 2324	5116	rundll32.exe	86
PID 5116 wrote to memory of 2324	5116	rundll32.exe	86
PID 5116 wrote to memory of 2324	5116	rundll32.exe	86
PID 2324 wrote to memory of 4828	2324	rundll32.exe	87
PID 2324 wrote to memory of 4828	2324	rundll32.exe	87
PID 2324 wrote to memory of 4828	2324	rundll32.exe	87
PID 4828 wrote to memory of 848	4828	rundll32.exe	88
PID 4828 wrote to memory of 848	4828	rundll32.exe	88
PID 4828 wrote to memory of 848	4828	rundll32.exe	88
PID 848 wrote to memory of 2812	848	rundll32.exe	89
PID 848 wrote to memory of 2812	848	rundll32.exe	89
PID 848 wrote to memory of 2812	848	rundll32.exe	89
PID 2812 wrote to memory of 4048	2812	rundll32.exe	90
PID 2812 wrote to memory of 4048	2812	rundll32.exe	90
PID 2812 wrote to memory of 4048	2812	rundll32.exe	90
PID 4048 wrote to memory of 944	4048	rundll32.exe	92
PID 4048 wrote to memory of 944	4048	rundll32.exe	92
PID 4048 wrote to memory of 944	4048	rundll32.exe	92
PID 944 wrote to memory of 3548	944	rundll32.exe	93
PID 944 wrote to memory of 3548	944	rundll32.exe	93
PID 944 wrote to memory of 3548	944	rundll32.exe	93
PID 3548 wrote to memory of 3612	3548	rundll32.exe	94
PID 3548 wrote to memory of 3612	3548	rundll32.exe	94
PID 3548 wrote to memory of 3612	3548	rundll32.exe	94
PID 3612 wrote to memory of 1064	3612	rundll32.exe	95
PID 3612 wrote to memory of 1064	3612	rundll32.exe	95
PID 3612 wrote to memory of 1064	3612	rundll32.exe	95
PID 1064 wrote to memory of 3420	1064	rundll32.exe	96
PID 1064 wrote to memory of 3420	1064	rundll32.exe	96
PID 1064 wrote to memory of 3420	1064	rundll32.exe	96
PID 3420 wrote to memory of 2840	3420	rundll32.exe	97
PID 3420 wrote to memory of 2840	3420	rundll32.exe	97
PID 3420 wrote to memory of 2840	3420	rundll32.exe	97
PID 2840 wrote to memory of 3344	2840	rundll32.exe	98
PID 2840 wrote to memory of 3344	2840	rundll32.exe	98
PID 2840 wrote to memory of 3344	2840	rundll32.exe	98
PID 3344 wrote to memory of 2340	3344	rundll32.exe	99
PID 3344 wrote to memory of 2340	3344	rundll32.exe	99
PID 3344 wrote to memory of 2340	3344	rundll32.exe	99
PID 2340 wrote to memory of 1268	2340	rundll32.exe	100
PID 2340 wrote to memory of 1268	2340	rundll32.exe	100
PID 2340 wrote to memory of 1268	2340	rundll32.exe	100
PID 1268 wrote to memory of 3516	1268	rundll32.exe	101
PID 1268 wrote to memory of 3516	1268	rundll32.exe	101
PID 1268 wrote to memory of 3516	1268	rundll32.exe	101
PID 3516 wrote to memory of 3968	3516	rundll32.exe	102
PID 3516 wrote to memory of 3968	3516	rundll32.exe	102
PID 3516 wrote to memory of 3968	3516	rundll32.exe	102
PID 3968 wrote to memory of 816	3968	rundll32.exe	103
PID 3968 wrote to memory of 816	3968	rundll32.exe	103
PID 3968 wrote to memory of 816	3968	rundll32.exe	103
PID 816 wrote to memory of 2652	816	rundll32.exe	104
PID 816 wrote to memory of 2652	816	rundll32.exe	104
PID 816 wrote to memory of 2652	816	rundll32.exe	104
PID 2652 wrote to memory of 2540	2652	rundll32.exe	105
PID 2652 wrote to memory of 2540	2652	rundll32.exe	105
PID 2652 wrote to memory of 2540	2652	rundll32.exe	105
PID 2540 wrote to memory of 1008	2540	rundll32.exe	106
PID 2540 wrote to memory of 1008	2540	rundll32.exe	106
PID 2540 wrote to memory of 1008	2540	rundll32.exe	106
PID 1008 wrote to memory of 788	1008	rundll32.exe	107

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3008
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:5116
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2324
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4828
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:848
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:2812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:3548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:3612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:1064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:3344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:2340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:3516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:3968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:2652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:1008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        23⤵
        
        PID:788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        24⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        25⤵
        
        PID:4548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        26⤵
        
        PID:1212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        27⤵
        
        PID:5096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        28⤵
        
        PID:1956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        29⤵
        
        PID:1424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        30⤵
        
        PID:1292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        31⤵
        
        PID:1204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        32⤵
        
        PID:960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        33⤵
        
        PID:2364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        34⤵
        
        PID:1496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        35⤵
        
        PID:1620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        36⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        37⤵
        
        PID:3556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        38⤵
        
        PID:3960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        39⤵
        
        PID:3992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        40⤵
        
        PID:4888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        41⤵
        
        PID:2280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        42⤵
        
        PID:672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        43⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        44⤵
        
        PID:3268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        45⤵
        
        PID:896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        46⤵
        
        PID:1072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        47⤵
        
        PID:436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        48⤵
        
        PID:1540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        49⤵
        
        PID:1092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        50⤵
        
        PID:3836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        51⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        52⤵
        
        PID:4004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        53⤵
        
        PID:4848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        54⤵
        
        PID:1232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        55⤵
        
        PID:4664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        56⤵
        
        PID:2444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        57⤵
        
        PID:5064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        58⤵
        
        PID:4656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        59⤵
        
        PID:3188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        60⤵
        
        PID:5104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        61⤵
        
        PID:3284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        62⤵
        
        PID:3976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        63⤵
        
        PID:696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        64⤵
        
        PID:4708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        65⤵
        
        PID:4604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        66⤵
        
        PID:1324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        67⤵
        
        PID:2120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        68⤵
        
        PID:656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        69⤵
        
        PID:4944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        70⤵
        
        PID:2744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        71⤵
        
        PID:4176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        72⤵
        
        PID:1844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        73⤵
        
        PID:4880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        74⤵
        
        PID:3416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        75⤵
        
        PID:3492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        76⤵
        
        PID:2576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        77⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        78⤵
        
        PID:2224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        79⤵
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        80⤵
        
        PID:3640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        81⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        82⤵
        
        PID:3668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        83⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        84⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        85⤵
        
        PID:2876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        86⤵
        
        PID:4376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        87⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        88⤵
        
        PID:3552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        89⤵
        
        PID:344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        90⤵
        
        PID:4764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        91⤵
        
        PID:4192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        92⤵
        
        PID:1076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        93⤵
        
        PID:2392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        94⤵
        
        PID:4480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        95⤵
        
        PID:1964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        96⤵
        
        PID:1840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        97⤵
        
        PID:2052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        98⤵
        
        PID:2696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        99⤵
        
        PID:1396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        100⤵
        
        PID:4900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        101⤵
        
        PID:540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        102⤵
        
        PID:2580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        103⤵
        
        PID:1772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        104⤵
        
        PID:3192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        105⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        106⤵
        
        PID:5140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        107⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        108⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        109⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        110⤵
        
        PID:5200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        111⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        112⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        113⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        114⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        115⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        116⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        117⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        118⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        119⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        120⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        121⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        122⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        123⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        124⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        125⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        126⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        127⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        128⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        129⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        130⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        131⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        132⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        133⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        134⤵
        
        PID:5568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        135⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        136⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        137⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        138⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        139⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        140⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        141⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        142⤵
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        143⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        144⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        145⤵
        
        PID:5732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        146⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        147⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        148⤵
        
        PID:5780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        149⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        150⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        151⤵
        
        PID:5820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        152⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        153⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        154⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        155⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        156⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        157⤵
        
        PID:5908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        158⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        159⤵
        
        PID:5936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        160⤵
        
        PID:5952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        161⤵
        
        PID:5968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        162⤵
        
        PID:5984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        163⤵
        
        PID:6000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        164⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        165⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        166⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        167⤵
        
        PID:6060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        168⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        169⤵
        
        PID:6092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        170⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        171⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        172⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        173⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        174⤵
        
        PID:3432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        175⤵
        
        PID:768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        176⤵
        
        PID:1400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        177⤵
        
        PID:4408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        178⤵
        
        PID:3064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        179⤵
        
        PID:4676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        180⤵
        
        PID:2012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        181⤵
        
        PID:4960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        182⤵
        
        PID:4540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        183⤵
        
        PID:4980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        184⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        185⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        186⤵
        
        PID:6184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        187⤵
        
        PID:6200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        188⤵
        
        PID:6216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        189⤵
        
        PID:6232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        190⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        191⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        192⤵
        
        PID:6276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        193⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        194⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        195⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        196⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        197⤵
        
        PID:6348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        198⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        199⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        200⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        201⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        202⤵
        
        PID:6416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        203⤵
        
        PID:6432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        204⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        205⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        206⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        207⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        208⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        209⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        210⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        211⤵
        
        PID:6552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        212⤵
        
        PID:6568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        213⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        214⤵
        
        PID:6600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        215⤵
        
        PID:6612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        216⤵
        
        PID:6624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        217⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        218⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        219⤵
        
        PID:6672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        220⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        221⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        222⤵
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        223⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        224⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        225⤵
        
        PID:6764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        226⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        227⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        228⤵
        
        PID:6808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        229⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        230⤵
        
        PID:6840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        231⤵
        
        PID:6856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        232⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        233⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        234⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        235⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        236⤵
        
        PID:6932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        237⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        238⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        239⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        240⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        241⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        242⤵
        
        PID:7020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        243⤵
        
        PID:7036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        244⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        245⤵
        
        PID:7060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        246⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        247⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        248⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        249⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        250⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        251⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        252⤵
        
        PID:7164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        253⤵
        
        PID:1520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        254⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        255⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        256⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        257⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        258⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        259⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        260⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        261⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        262⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        263⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        264⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        265⤵
        
        PID:7352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        266⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        267⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        268⤵
        
        PID:7392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        269⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        270⤵
        
        PID:7428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        271⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        272⤵
        
        PID:7460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        273⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        274⤵
        
        PID:7492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        275⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        276⤵
        
        PID:7524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        277⤵
        
        PID:7536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        278⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        279⤵
        
        PID:7568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        280⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        281⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        282⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        283⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        284⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        285⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        286⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        287⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        288⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        289⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        290⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        291⤵
        
        PID:7744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        292⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        293⤵
        
        PID:7768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        294⤵
        
        PID:7780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        295⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        296⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        297⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        298⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        299⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        300⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        301⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        302⤵
        
        PID:7884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        303⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        304⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        305⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        306⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        307⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        308⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        309⤵
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        310⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        311⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        312⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        313⤵
        
        PID:8036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        314⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        315⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        316⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        317⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        318⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        319⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        320⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        321⤵
        
        PID:8160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        322⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        323⤵
        
        PID:7096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        324⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        325⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        326⤵
        
        PID:8224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        327⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        328⤵
        
        PID:8252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        329⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        330⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        331⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        332⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        333⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        334⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        335⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        336⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        337⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        338⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        339⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        340⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        341⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        342⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        343⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        344⤵
        
        PID:8488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        345⤵
        
        PID:8500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        346⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        347⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        348⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        349⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        350⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        351⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        352⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        353⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        354⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        355⤵
        
        PID:8660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        356⤵
        
        PID:8672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        357⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        358⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        359⤵
        
        PID:8724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        360⤵
        
        PID:8736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        361⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        362⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        363⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        364⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        365⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        366⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        367⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        368⤵
        
        PID:8860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        369⤵
        
        PID:8876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        370⤵
        
        PID:8892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        371⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        372⤵
        
        PID:8924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        373⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        374⤵
        
        PID:8952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        375⤵
        
        PID:8964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        376⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        377⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        378⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        379⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        380⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        381⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        382⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        383⤵
        
        PID:9084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        384⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        385⤵
        
        PID:9112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        386⤵
        
        PID:9124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        387⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        388⤵
        
        PID:9148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        389⤵
        
        PID:9164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        390⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        391⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        392⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        393⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        394⤵
        
        PID:9236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        395⤵
        
        PID:9248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        396⤵
        
        PID:9264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        397⤵
        
        PID:9280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        398⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        399⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        400⤵
        
        PID:9328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        401⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        402⤵
        
        PID:9364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        403⤵
        
        PID:9376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        404⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        405⤵
        
        PID:9408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        406⤵
        
        PID:9420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        407⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        408⤵
        
        PID:9452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        409⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        410⤵
        
        PID:9484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        411⤵
        
        PID:9500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        412⤵
        
        PID:9516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        413⤵
        
        PID:9528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        414⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        415⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        416⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        417⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        418⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        419⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        420⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        421⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        422⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        423⤵
        
        PID:9672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        424⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        425⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        426⤵
        
        PID:9708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        427⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        428⤵
        
        PID:9740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        429⤵
        
        PID:9756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        430⤵
        
        PID:9772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        431⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        432⤵
        
        PID:9800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        433⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        434⤵
        
        PID:9828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        435⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        436⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        437⤵
        
        PID:9868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        438⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        439⤵
        
        PID:9900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        440⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        441⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        442⤵
        
        PID:9944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        443⤵
        
        PID:9960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        444⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        445⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        446⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        447⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        448⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        449⤵
        
        PID:10048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        450⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        451⤵
        
        PID:10088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        452⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        453⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        454⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        455⤵
        
        PID:10136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        456⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        457⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        458⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        459⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        460⤵
        
        PID:10212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        461⤵
        
        PID:10228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        462⤵
        
        PID:9296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        463⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        464⤵
        
        PID:10268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        465⤵
        
        PID:10284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        466⤵
        
        PID:10300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        467⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        468⤵
        
        PID:10328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        469⤵
        
        PID:10344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        470⤵
        
        PID:10360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        471⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        472⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        473⤵
        
        PID:10408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        474⤵
        
        PID:10424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        475⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        476⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        477⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        478⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        479⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        480⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        481⤵
        
        PID:10532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        482⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        483⤵
        
        PID:10564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        484⤵
        
        PID:10580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        485⤵
        
        PID:10596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        486⤵
        
        PID:10612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        487⤵
        
        PID:10624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        488⤵
        
        PID:10640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        489⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        490⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        491⤵
        
        PID:10684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        492⤵
        
        PID:10696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        493⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        494⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        495⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        496⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        497⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        498⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        499⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        500⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        501⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        502⤵
        
        PID:10844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        503⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        504⤵
        
        PID:10868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        505⤵
        
        PID:10880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        506⤵
        
        PID:10896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        507⤵
        
        PID:10912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        508⤵
        
        PID:10928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        509⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        510⤵
        
        PID:10956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        511⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        512⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        513⤵
        
        PID:11004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        514⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        515⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        516⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        517⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        518⤵
        
        PID:11068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        519⤵
        
        PID:11088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        520⤵
        
        PID:11104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        521⤵
        
        PID:11116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        522⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        523⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        524⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        525⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        526⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        527⤵
        
        PID:11196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        528⤵
        
        PID:11212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        529⤵
        
        PID:11228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        530⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        531⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        532⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        533⤵
        
        PID:11280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        534⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        535⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        536⤵
        
        PID:11328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        537⤵
        
        PID:11344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        538⤵
        
        PID:11360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        539⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        540⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        541⤵
        
        PID:11404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        542⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        543⤵
        
        PID:11432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        544⤵
        
        PID:11448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        545⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        546⤵
        
        PID:11480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        547⤵
        
        PID:11492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        548⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        549⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        550⤵
        
        PID:11536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        551⤵
        
        PID:11552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        552⤵
        
        PID:11568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        553⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        554⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        555⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        556⤵
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        557⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        558⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        559⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        560⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        561⤵
        
        PID:11708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        562⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        563⤵
        
        PID:11736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        564⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        565⤵
        
        PID:11772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        566⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        567⤵
        
        PID:11804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        568⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        569⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        570⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        571⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        572⤵
        
        PID:11876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        573⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        574⤵
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        575⤵
        
        PID:11920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        576⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        577⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        578⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        579⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        580⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        581⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        582⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        583⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        584⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        585⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        586⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        587⤵
        
        PID:12108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        588⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        589⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        590⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        591⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        592⤵
        
        PID:12184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        593⤵
        
        PID:12200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        594⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        595⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        596⤵
        
        PID:12240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        597⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        598⤵
        
        PID:12272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        599⤵
        
        PID:12284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        600⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        601⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        602⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        603⤵
        
        PID:12336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        604⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        605⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        606⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        607⤵
        
        PID:12400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        608⤵
        
        PID:12428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        609⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        610⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        611⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        612⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        613⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        614⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        615⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        616⤵
        
        PID:12548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        617⤵
        
        PID:12564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        618⤵
        
        PID:12580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        619⤵
        
        PID:12592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        620⤵
        
        PID:12608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        621⤵
        
        PID:12624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        622⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        623⤵
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        624⤵
        
        PID:12668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        625⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        626⤵
        
        PID:12700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        627⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        628⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        629⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        630⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        631⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        632⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        633⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        634⤵
        
        PID:12824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        635⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        636⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        637⤵
        
        PID:12868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        638⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        639⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        640⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        641⤵
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        642⤵
        
        PID:12948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        643⤵
        
        PID:12964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        644⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        645⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        646⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        647⤵
        
        PID:13028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        648⤵
        
        PID:13044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        649⤵
        
        PID:13056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        650⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        651⤵
        
        PID:13088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        652⤵
        
        PID:13104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        653⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        654⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        655⤵
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        656⤵
        
        PID:13168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        657⤵
        
        PID:13180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        658⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        659⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        660⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        661⤵
        
        PID:13244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        662⤵
        
        PID:13260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        663⤵
        
        PID:13276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        664⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        665⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        666⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        667⤵
        
        PID:13336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        668⤵
        
        PID:13348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        669⤵
        
        PID:13360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        670⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        671⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        672⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        673⤵
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        674⤵
        
        PID:13432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        675⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        676⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        677⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        678⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        679⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        680⤵
        
        PID:13524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        681⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        682⤵
        
        PID:13560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        683⤵
        
        PID:13572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        684⤵
        
        PID:13588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        685⤵
        
        PID:13604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        686⤵
        
        PID:13620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        687⤵
        
        PID:13636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        688⤵
        
        PID:13648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        689⤵
        
        PID:13664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        690⤵
        
        PID:13676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        691⤵
        
        PID:13692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        692⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        693⤵
        
        PID:13724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        694⤵
        
        PID:13736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        695⤵
        
        PID:13748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        696⤵
        
        PID:13764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        697⤵
        
        PID:13776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        698⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        699⤵
        
        PID:13804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        700⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        701⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        702⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        703⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        704⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        705⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        706⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        707⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        708⤵
        
        PID:13940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        709⤵
        
        PID:13952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        710⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        711⤵
        
        PID:13984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        712⤵
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        713⤵
        
        PID:14016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        714⤵
        
        PID:14032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        715⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        716⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        717⤵
        
        PID:14076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        718⤵
        
        PID:14092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        719⤵
        
        PID:14108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        720⤵
        
        PID:14124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        721⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        722⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        723⤵
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        724⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        725⤵
        
        PID:14208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        726⤵
        
        PID:14224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        727⤵
        
        PID:14240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        728⤵
        
        PID:14256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        729⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        730⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        731⤵
        
        PID:14300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        732⤵
        
        PID:14316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        733⤵
        
        PID:14332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        734⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        735⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        736⤵
        
        PID:14376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        737⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        738⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        739⤵
        
        PID:14420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        740⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        741⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        742⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        743⤵
        
        PID:14480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        744⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        745⤵
        
        PID:14512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        746⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        747⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        748⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        749⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        750⤵
        
        PID:14584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        751⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        752⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        753⤵
        
        PID:14628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        754⤵
        
        PID:14644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        755⤵
        
        PID:14656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        756⤵
        
        PID:14668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        757⤵
        
        PID:14684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        758⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        759⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        760⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        761⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        762⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        763⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        764⤵
        
        PID:14796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        765⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        766⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        767⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        768⤵
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        769⤵
        
        PID:14868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        770⤵
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        771⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        772⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        773⤵
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        774⤵
        
        PID:14944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        775⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        776⤵
        
        PID:14972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        777⤵
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        778⤵
        
        PID:15000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        779⤵
        
        PID:15012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        780⤵
        
        PID:15028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        781⤵
        
        PID:15044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        782⤵
        
        PID:15060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        783⤵
        
        PID:15076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        784⤵
        
        PID:15092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        785⤵
        
        PID:15104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        786⤵
        
        PID:15120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        787⤵
        
        PID:15136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        788⤵
        
        PID:15152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        789⤵
        
        PID:15168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        790⤵
        
        PID:15180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        791⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        792⤵
        
        PID:15208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        793⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        794⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        795⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        796⤵
        
        PID:15272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        797⤵
        
        PID:15292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        798⤵
        
        PID:15308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        799⤵
        
        PID:15324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        800⤵
        
        PID:15340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        801⤵
        
        PID:15352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        802⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        803⤵
        
        PID:15372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        804⤵
        
        PID:15388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        805⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        806⤵
        
        PID:15420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        807⤵
        
        PID:15436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        808⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        809⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        810⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        811⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        812⤵
        
        PID:15516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        813⤵
        
        PID:15532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        814⤵
        
        PID:15548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        815⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        816⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        817⤵
        
        PID:15596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        818⤵
        
        PID:15612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        819⤵
        
        PID:15628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        820⤵
        
        PID:15644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        821⤵
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        822⤵
        
        PID:15672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        823⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        824⤵
        
        PID:15696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        825⤵
        
        PID:15712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        826⤵
        
        PID:15728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        827⤵
        
        PID:15740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        828⤵
        
        PID:15752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        829⤵
        
        PID:15768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        830⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        831⤵
        
        PID:15796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        832⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        833⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        834⤵
        
        PID:15840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        835⤵
        
        PID:15856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        836⤵
        
        PID:15868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        837⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        838⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        839⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        840⤵
        
        PID:15928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        841⤵
        
        PID:15944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        842⤵
        
        PID:15960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        843⤵
        
        PID:15976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        844⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        845⤵
        
        PID:16008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        846⤵
        
        PID:16020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        847⤵
        
        PID:16032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        848⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        849⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        850⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        851⤵
        
        PID:16096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        852⤵
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        853⤵
        
        PID:16128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        854⤵
        
        PID:16144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        855⤵
        
        PID:16160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        856⤵
        
        PID:16176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        857⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        858⤵
        
        PID:16208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        859⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        860⤵
        
        PID:16240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        861⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        862⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        863⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        864⤵
        
        PID:16300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        865⤵
        
        PID:16316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        866⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        867⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        868⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        869⤵
        
        PID:3296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        870⤵
        
        PID:2600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        871⤵
        
        PID:15280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        872⤵
        
        PID:16396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        873⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        874⤵
        
        PID:16428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        875⤵
        
        PID:16444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        876⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        877⤵
        
        PID:16476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        878⤵
        
        PID:16492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        879⤵
        
        PID:16508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        880⤵
        
        PID:16520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        881⤵
        
        PID:16532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        882⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        883⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        884⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        885⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        886⤵
        
        PID:16608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        887⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        888⤵
        
        PID:16640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        889⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        890⤵
        
        PID:16668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        891⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        892⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        893⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        894⤵
        
        PID:16736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\377337ea24561a8ebdbd56526bb15770_JaffaCakes118.dll,#1
        895⤵
        
        PID:16748

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:17264

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads