Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
11-07-2024 11:33
Behavioral task
behavioral1
Sample
38f1754baf886606f992e6a76617624c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
38f1754baf886606f992e6a76617624c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
38f1754baf886606f992e6a76617624c_JaffaCakes118.exe
-
Size
513KB
-
MD5
38f1754baf886606f992e6a76617624c
-
SHA1
18f51edbad7eb052cd759279550b89ef1d9c0c41
-
SHA256
9b8226ffeaf5887e86c8be9c453f684200842c5d4db01f4cc545c4803e72597d
-
SHA512
140fdf0b00c7d87f70aaf4ed731e9752ff5c1a2bc91089c324677c3b0cb7c3081bc749d919e2a1bb59fb31e31a6bcc28e2513395da7bc4cd951274dd6a2be809
-
SSDEEP
12288:7oXEomPAW1OLznAaeVsG9tTw8jHqgXfd6tf/cbnz:cXEomPAMOLzAaKT5qgXfYfg
Malware Config
Extracted
xtremerat
hackxxx.no-ip.org
Signatures
-
Detect XtremeRAT payload 64 IoCs
Processes:
resource yara_rule behavioral2/memory/3104-3-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4188-17-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1464-19-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1464-28-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/912-29-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/912-37-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3236-41-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4456-42-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4456-47-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/868-48-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/868-56-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3140-57-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1224-62-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1648-63-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3140-71-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1648-76-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5060-77-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1508-82-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3728-83-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1640-87-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5060-92-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3332-93-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3740-98-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3728-100-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3332-108-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/2160-113-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4988-114-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4612-119-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4860-120-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1648-128-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/724-129-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4988-134-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4200-140-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4860-139-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/724-145-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3988-147-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3188-148-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4200-156-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4508-158-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4588-159-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3188-161-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4036-162-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/1912-166-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3396-167-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4588-175-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5280-176-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4036-181-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5384-182-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3396-187-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5452-188-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4200-193-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5280-198-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5808-199-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5524-204-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5384-206-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5452-208-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5948-209-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5948-217-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/3712-223-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5808-222-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5908-228-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/5508-229-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/6068-234-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat behavioral2/memory/4440-235-0x0000000000C80000-0x0000000000D3E000-memory.dmp family_xtremerat -
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Checks computer location settings 2 TTPs 64 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exedescription ioc process Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe Key value queried \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000\Control Panel\International\Geo\Nation 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe -
Executes dropped EXE 1 IoCs
Processes:
869svchost.exepid process 4984 869svchost.exe -
Processes:
resource yara_rule behavioral2/memory/4188-0-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3104-3-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4188-17-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1464-19-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1464-28-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/912-29-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3236-33-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/912-37-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3236-41-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4456-42-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4456-47-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/868-48-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/868-56-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3140-57-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1224-62-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1648-63-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3140-71-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1648-76-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5060-77-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1508-82-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3728-83-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1640-87-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5060-92-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3332-93-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3740-98-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3728-100-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3332-108-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/2160-113-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4988-114-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4612-119-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4860-120-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1648-128-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/724-129-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4988-134-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4200-140-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4860-139-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/724-145-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3988-147-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3188-148-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4200-156-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4508-158-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4588-159-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3188-161-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4036-162-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/1912-166-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3396-167-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4588-175-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5280-176-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4036-181-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5384-182-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3396-187-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5452-188-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/4200-193-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5280-198-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5808-199-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5524-204-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5384-206-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5452-208-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5948-209-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5948-217-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/3712-223-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5808-222-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5908-228-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx behavioral2/memory/5508-229-0x0000000000C80000-0x0000000000D3E000-memory.dmp upx -
Drops desktop.ini file(s) 2 IoCs
Processes:
869svchost.exedescription ioc process File created C:\Windows\assembly\Desktop.ini 869svchost.exe File opened for modification C:\Windows\assembly\Desktop.ini 869svchost.exe -
Drops file in Windows directory 3 IoCs
Processes:
869svchost.exedescription ioc process File opened for modification C:\Windows\assembly 869svchost.exe File created C:\Windows\assembly\Desktop.ini 869svchost.exe File opened for modification C:\Windows\assembly\Desktop.ini 869svchost.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exe38f1754baf886606f992e6a76617624c_JaffaCakes118.exesvchost.exedescription pid process target process PID 4188 wrote to memory of 3104 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe svchost.exe PID 4188 wrote to memory of 3104 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe svchost.exe PID 4188 wrote to memory of 3104 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe svchost.exe PID 4188 wrote to memory of 3104 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe svchost.exe PID 4188 wrote to memory of 3788 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 3788 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 3788 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2288 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2288 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2288 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2468 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2468 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2468 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2480 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2480 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2480 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 692 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 692 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 692 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2696 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2696 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2696 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 376 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 376 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 376 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2944 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 2944 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 4188 wrote to memory of 4984 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 869svchost.exe PID 4188 wrote to memory of 4984 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 869svchost.exe PID 4188 wrote to memory of 4984 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 869svchost.exe PID 4188 wrote to memory of 1464 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 4188 wrote to memory of 1464 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 4188 wrote to memory of 1464 4188 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 1464 wrote to memory of 3972 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3972 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3972 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3220 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3220 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3220 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3940 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3940 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3940 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 1072 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 1072 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 1072 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 4008 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 4008 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 4008 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 2240 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 2240 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 2240 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 436 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 436 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 436 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3552 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 3552 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 1464 wrote to memory of 912 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 1464 wrote to memory of 912 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 1464 wrote to memory of 912 1464 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 912 wrote to memory of 2156 912 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 912 wrote to memory of 2156 912 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 912 wrote to memory of 2156 912 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe msedge.exe PID 3104 wrote to memory of 3236 3104 svchost.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe PID 3104 wrote to memory of 3236 3104 svchost.exe 38f1754baf886606f992e6a76617624c_JaffaCakes118.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:4188 -
C:\Windows\SysWOW64\svchost.exesvchost.exe2⤵
- Suspicious use of WriteProcessMemory
PID:3104 -
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:3236 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3680
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3280
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4880
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1636
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:940
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4360
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2936
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2656
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵PID:4456
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:384
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4836
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4404
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4452
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:372
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4996
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:868 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:624
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2396
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3648
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3532
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:1632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4780
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3152
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:3140 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:2524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1412
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:3576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5000
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1352
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:2464
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1032
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵PID:1640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:4076
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:1224 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1228
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3592
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2248
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3020
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4604
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4380
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:544
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5108
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:1648 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4532
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:100
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3440
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1976
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3568
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3380
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3312
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:864
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:5060 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4896
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:1812
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4196
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:1296
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3796
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3540
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4484
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:3332 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4356
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4960
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4044
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:396
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:3560
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵
- Checks computer location settings
PID:1648 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:4728
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:3068
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:1188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:2276
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:5060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:3580
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:3144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:1628
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"8⤵PID:724
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:1712
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:1508 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3384
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2500
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1692
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2184
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3784
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3336
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:3728 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2976
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1180
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5064
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2112
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2948
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:876
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:2160 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4812
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4556
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3064
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4416
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2528
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3140
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3156
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:512
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:4988 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:912
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:836
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4456
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1988
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4340
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:2916
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵
- Checks computer location settings
PID:4508 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:3272
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:220
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:4900
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:4988
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:2860
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:1640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:5024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:724
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"8⤵
- Checks computer location settings
PID:4588 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:4128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:968
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:4220
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:4612
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5172
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5204
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5240
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"9⤵
- Checks computer location settings
PID:5280 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5340
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5436
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5596
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5664
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5700
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5732
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5768
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"10⤵
- Checks computer location settings
PID:5808 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:5856
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:5972
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:6052
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:6128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:408
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:4588
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:1956
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:5364
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"11⤵
- Checks computer location settings
PID:3712 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5484
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5356
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5788
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:844
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5516
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5944
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"12⤵
- Checks computer location settings
PID:5952 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:3264
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:2704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:1360
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:5496
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:5912
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:4944
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:552
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:5852
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"13⤵PID:5864
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"14⤵PID:4848
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵PID:3740
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1720
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2592
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1184
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1464
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3248
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2488
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3008
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:4612 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3652
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:672
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3848
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3900
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3664
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:4860 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4520
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1684
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3740
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2352
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1284
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2160
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵PID:4200
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5088
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:3988 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2040
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4492
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2092
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3724
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2280
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2068
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:3188 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4856
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3976
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1580
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3764
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4832
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:920
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:4036 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4476
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:4508
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3120
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5180
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5248
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5348
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:5384 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5472
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5604
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5672
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5708
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5740
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5776
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:5872
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵PID:5908
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6004
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:5264
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:5308
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:868
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:4708
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:2756
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"8⤵
- Checks computer location settings
PID:5508 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5320
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:4276
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5404
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5956
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:5452
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:6096
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"9⤵
- Checks computer location settings
PID:5256 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:3236
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:1748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:4212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5784
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:5824
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:3396
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"10⤵
- Checks computer location settings
PID:6016 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:5504
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:2952
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:4908
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:6036
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:6024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:5576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:3224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:2900
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"11⤵
- Checks computer location settings
PID:6040 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:6120
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:1820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:4440
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:6076
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:6048
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:6032
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5868
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:5812
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"12⤵PID:4200
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:5524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:4516
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:5420
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:1912 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4840
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2264
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4972
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1500
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1984
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3676
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:3396 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4048
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:2784
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5156
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5272
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5376
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:5452 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5544
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5612
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5648
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5680
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5716
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5800
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5896
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:5948
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:4200 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4412
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5164
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5196
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5312
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5412
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵PID:5524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5588
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5624
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5656
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5692
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5724
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5760
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵PID:6068
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6104
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4844
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5268
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5328
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3924
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5560
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5284
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:4440 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1012
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5924
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5456
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5960
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6092
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4680
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:5840 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5428
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5984
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5932
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5688
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6088
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2700
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5988
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:5512
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:5556
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1788
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:1448 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1852
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5968
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5564
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5892
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1240
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5468
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5400
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2272
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:5832 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1700
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4164
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6016
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3732
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4376
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5552
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5580
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:4344 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6180
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6244
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6260
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6280
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6296
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6316
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6332
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6352
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:6384
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6436
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:6188 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6228
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6252
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6272
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6308
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6324
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6344
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6376
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:6472 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6656
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6696
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6712
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵PID:6736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6808
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6920
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6944
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6972
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6996
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7048
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7076
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:7100
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7160
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:6504 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6564
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6584
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6620
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6664
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6684
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6744
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:6816 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6876
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6928
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6956
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6980
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7032
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7108
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:5256 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:1448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6304
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6164
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6364
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6404
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6192
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:6516 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6596
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7004
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7092
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7120
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6896
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6848
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵
- Checks computer location settings
PID:6816 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:2388
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6484
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:5408
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6760
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6824
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6768
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:6868
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"8⤵
- Checks computer location settings
PID:6444 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7104
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7200
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7284
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7312
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7336
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7368
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7396
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"9⤵PID:7428
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"9⤵
- Checks computer location settings
PID:7468 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7512
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7700
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7784
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7812
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7880
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"10⤵PID:7908
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"10⤵
- Checks computer location settings
PID:7944 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:7996
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:8020
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:8176
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:7176
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:7188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:7268
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:3528
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"11⤵PID:1504
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"11⤵
- Checks computer location settings
PID:7508 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:7548
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:7584
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:7756
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:2116
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:8052
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:7660
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:6408
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"12⤵PID:7708
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"12⤵PID:3600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:3932
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:1256
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"13⤵PID:4756
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵PID:6868
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6912
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6936
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6964
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6988
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7016
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7040
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7068
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:6224 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2824
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:4608
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:884
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5568
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6428
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6464
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6420
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵PID:6476
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6796
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6860
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6952
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6764
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7116
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7056
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7136
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:6548 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6844
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6900
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6776
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7096
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7152
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6836
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7100
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:5368 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6732
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5336
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6388
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6516
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6488
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6792
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6460
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:6512 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7252
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7292
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7320
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7344
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7380
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7404
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7436
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7520
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:7556
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7632
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:6496 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6720
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6752
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6492
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6520
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6268
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6540
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:6196
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:7208 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7276
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7300
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7328
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7352
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7388
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7412
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7460
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7528
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:7612 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7740
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7776
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7800
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7828
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7896
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7972
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:8012
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵
- Checks computer location settings
PID:8060 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:8124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6788
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4200
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4088
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7444
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:6444
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7624
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"7⤵PID:7592
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"8⤵PID:7576
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:7684 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7724
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7760
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7792
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8004
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8096
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵PID:8152
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:5368
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6648
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6804
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6556
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:6512
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7672
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵PID:7772
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7952
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2588
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:388
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7616
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:8116
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7688
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:7928 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1948
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8072
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8040
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8164
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3992
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:3052
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:1212
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:2908 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7984
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1740
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7540
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3700
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:8108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:8060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:8188
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵
- Checks computer location settings
PID:8152 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:1440
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3036
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7684
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3612
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7808
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7772
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7968
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"6⤵PID:7928
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:1424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7560
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7932
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:4820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7732
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"7⤵PID:7936
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Checks computer location settings
PID:7948 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7568
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:5036
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:312
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8080
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:7640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:8168
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"4⤵
- Checks computer location settings
PID:3780 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4348
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7172
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:7420
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:8144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:3016
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4500
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:1736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"5⤵PID:4472
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"5⤵PID:6508
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:2908
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7484
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7948
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:3588
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:6124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"6⤵PID:7220
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:3788
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:2288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:2468
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:2480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:692
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:2696
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:376
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"2⤵PID:2944
-
C:\Users\Admin\AppData\Local\Temp\869svchost.exe"C:\Users\Admin\AppData\Local\Temp\869svchost.exe"2⤵
- Executes dropped EXE
- Drops desktop.ini file(s)
- Drops file in Windows directory
PID:4984 -
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"2⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:1464 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:3972
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:3220
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:3940
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:1072
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:4008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:2240
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:436
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"3⤵PID:3552
-
C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\38f1754baf886606f992e6a76617624c_JaffaCakes118.exe"3⤵
- Suspicious use of WriteProcessMemory
PID:912 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"4⤵PID:2156
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
340KB
MD5204c0238a82a07c8503a2d546d80f649
SHA106db1a993a103ec2f383bd99c315eb2db50bb711
SHA256d303ba26f53117cb969379b4e4a4f6ac8544c39d5f94389832809a989aab94b5
SHA512539dc5b0fba36187fbc3f8b0b425433a5ec9c1e6da6c09e3273268fd0b70f398223866971a276e6042209a17847d49e8c20a8c362b968e1543122731d89d5a87
-
Filesize
1KB
MD5aa06f0b359a0b7cd9642fa3d5b94eb6a
SHA1d945b2c09c737fe2b62953312e2a2ab5d4dff944
SHA256eaa577215aaa27e42a4399b5d8e48976791ad73566ea5d098ba4d716dd6f150d
SHA512f72deba847e135b77634839e41a313a91554d0e2dc0103c0cd39eb7b91d60665557502fd0a06b70e77b3522c01f44b63b20f0d00e2560caf27ee06b8a7316ad6