c855562a0e4faee5dd5a5d4c290dd7574770c9d6be3337465ff382cb5e42b8cf

Analysis

max time kernel
94s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
13/07/2024, 01:11 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll
Size

68KB
MD5

3f9b712be290d666c5242b4d22c274a1
SHA1

2f6af2b9fb80af0c3ec8ff2b29ab7d5ca9d25ef5
SHA256

c855562a0e4faee5dd5a5d4c290dd7574770c9d6be3337465ff382cb5e42b8cf
SHA512

311cb0f57b5b8f7df34d7d0771eb442da5952d151ebaaa0b5fe033a84afb52be2420beebd607b3b96e729539fc771c67aae1511367609dc59745e19baf84f9b9
SSDEEP

1536:jhT8neDbzaHOA/NMCyK54EqHhZnnkaE4i/:lT4syOoOnKFqBWh/

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	16828	dwm.exe
Token: SeChangeNotifyPrivilege	16828	dwm.exe
Token: 33	16828	dwm.exe
Token: SeIncBasePriorityPrivilege	16828	dwm.exe
Token: SeShutdownPrivilege	16828	dwm.exe
Token: SeCreatePagefilePrivilege	16828	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4260 wrote to memory of 2240	4260	rundll32.exe	83
PID 4260 wrote to memory of 2240	4260	rundll32.exe	83
PID 4260 wrote to memory of 2240	4260	rundll32.exe	83
PID 2240 wrote to memory of 3912	2240	rundll32.exe	84
PID 2240 wrote to memory of 3912	2240	rundll32.exe	84
PID 2240 wrote to memory of 3912	2240	rundll32.exe	84
PID 3912 wrote to memory of 3284	3912	rundll32.exe	85
PID 3912 wrote to memory of 3284	3912	rundll32.exe	85
PID 3912 wrote to memory of 3284	3912	rundll32.exe	85
PID 3284 wrote to memory of 2304	3284	rundll32.exe	86
PID 3284 wrote to memory of 2304	3284	rundll32.exe	86
PID 3284 wrote to memory of 2304	3284	rundll32.exe	86
PID 2304 wrote to memory of 3468	2304	rundll32.exe	87
PID 2304 wrote to memory of 3468	2304	rundll32.exe	87
PID 2304 wrote to memory of 3468	2304	rundll32.exe	87
PID 3468 wrote to memory of 5100	3468	rundll32.exe	88
PID 3468 wrote to memory of 5100	3468	rundll32.exe	88
PID 3468 wrote to memory of 5100	3468	rundll32.exe	88
PID 5100 wrote to memory of 4740	5100	rundll32.exe	89
PID 5100 wrote to memory of 4740	5100	rundll32.exe	89
PID 5100 wrote to memory of 4740	5100	rundll32.exe	89
PID 4740 wrote to memory of 1508	4740	rundll32.exe	90
PID 4740 wrote to memory of 1508	4740	rundll32.exe	90
PID 4740 wrote to memory of 1508	4740	rundll32.exe	90
PID 1508 wrote to memory of 2864	1508	rundll32.exe	91
PID 1508 wrote to memory of 2864	1508	rundll32.exe	91
PID 1508 wrote to memory of 2864	1508	rundll32.exe	91
PID 2864 wrote to memory of 2396	2864	rundll32.exe	92
PID 2864 wrote to memory of 2396	2864	rundll32.exe	92
PID 2864 wrote to memory of 2396	2864	rundll32.exe	92
PID 2396 wrote to memory of 4676	2396	rundll32.exe	93
PID 2396 wrote to memory of 4676	2396	rundll32.exe	93
PID 2396 wrote to memory of 4676	2396	rundll32.exe	93
PID 4676 wrote to memory of 1000	4676	rundll32.exe	94
PID 4676 wrote to memory of 1000	4676	rundll32.exe	94
PID 4676 wrote to memory of 1000	4676	rundll32.exe	94
PID 1000 wrote to memory of 3728	1000	rundll32.exe	95
PID 1000 wrote to memory of 3728	1000	rundll32.exe	95
PID 1000 wrote to memory of 3728	1000	rundll32.exe	95
PID 3728 wrote to memory of 2496	3728	rundll32.exe	96
PID 3728 wrote to memory of 2496	3728	rundll32.exe	96
PID 3728 wrote to memory of 2496	3728	rundll32.exe	96
PID 2496 wrote to memory of 2928	2496	rundll32.exe	97
PID 2496 wrote to memory of 2928	2496	rundll32.exe	97
PID 2496 wrote to memory of 2928	2496	rundll32.exe	97
PID 2928 wrote to memory of 3780	2928	rundll32.exe	98
PID 2928 wrote to memory of 3780	2928	rundll32.exe	98
PID 2928 wrote to memory of 3780	2928	rundll32.exe	98
PID 3780 wrote to memory of 5076	3780	rundll32.exe	99
PID 3780 wrote to memory of 5076	3780	rundll32.exe	99
PID 3780 wrote to memory of 5076	3780	rundll32.exe	99
PID 5076 wrote to memory of 4784	5076	rundll32.exe	100
PID 5076 wrote to memory of 4784	5076	rundll32.exe	100
PID 5076 wrote to memory of 4784	5076	rundll32.exe	100
PID 4784 wrote to memory of 2632	4784	rundll32.exe	101
PID 4784 wrote to memory of 2632	4784	rundll32.exe	101
PID 4784 wrote to memory of 2632	4784	rundll32.exe	101
PID 2632 wrote to memory of 644	2632	rundll32.exe	102
PID 2632 wrote to memory of 644	2632	rundll32.exe	102
PID 2632 wrote to memory of 644	2632	rundll32.exe	102
PID 644 wrote to memory of 2768	644	rundll32.exe	103
PID 644 wrote to memory of 2768	644	rundll32.exe	103
PID 644 wrote to memory of 2768	644	rundll32.exe	103
PID 2768 wrote to memory of 2264	2768	rundll32.exe	104

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4260
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2240
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:3912
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3284
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:2304
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:5100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:1508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:1000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:3728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:2496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:2928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:3780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:4784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:2768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        23⤵
        
        PID:2264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        24⤵
        
        PID:4172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        25⤵
        
        PID:3924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        26⤵
        
        PID:4952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        27⤵
        
        PID:1276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        28⤵
        
        PID:4180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        29⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        30⤵
        
        PID:1420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        31⤵
        
        PID:4460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        32⤵
        
        PID:4036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        33⤵
        
        PID:2016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        34⤵
        
        PID:3680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        35⤵
        
        PID:948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        36⤵
        
        PID:3700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        37⤵
        
        PID:1504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        38⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        39⤵
        
        PID:3616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        40⤵
        
        PID:2948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        41⤵
        
        PID:4964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        42⤵
        
        PID:4016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        43⤵
        
        PID:2216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        44⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        45⤵
        
        PID:4208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        46⤵
        
        PID:220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        47⤵
        
        PID:3432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        48⤵
        
        PID:4508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        49⤵
        
        PID:1464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        50⤵
        
        PID:2584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        51⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        52⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        53⤵
        
        PID:3676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        54⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        55⤵
        
        PID:3684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        56⤵
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        57⤵
        
        PID:4316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        58⤵
        
        PID:3480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        59⤵
        
        PID:4812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        60⤵
        
        PID:396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        61⤵
        
        PID:4800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        62⤵
        
        PID:4420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        63⤵
        
        PID:4880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        64⤵
        
        PID:4396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        65⤵
        
        PID:1176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        66⤵
        
        PID:448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        67⤵
        
        PID:1328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        68⤵
        
        PID:4824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        69⤵
        
        PID:2172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        70⤵
        
        PID:3716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        71⤵
        
        PID:1460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        72⤵
        
        PID:4752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        73⤵
        
        PID:928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        74⤵
        
        PID:1212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        75⤵
        
        PID:2940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        76⤵
        
        PID:3068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        77⤵
        
        PID:1684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        78⤵
        
        PID:3108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        79⤵
        
        PID:3872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        80⤵
        
        PID:2900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        81⤵
        
        PID:2744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        82⤵
        
        PID:860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        83⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        84⤵
        
        PID:2876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        85⤵
        
        PID:920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        86⤵
        
        PID:4124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        87⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        88⤵
        
        PID:2484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        89⤵
        
        PID:1624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        90⤵
        
        PID:1940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        91⤵
        
        PID:4888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        92⤵
        
        PID:5016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        93⤵
        
        PID:884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        94⤵
        
        PID:2008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        95⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        96⤵
        
        PID:2520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        97⤵
        
        PID:2140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        98⤵
        
        PID:4380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        99⤵
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        100⤵
        
        PID:4356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        101⤵
        
        PID:4212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        102⤵
        
        PID:3956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        103⤵
        
        PID:116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        104⤵
        
        PID:376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        105⤵
        
        PID:1096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        106⤵
        
        PID:2660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        107⤵
        
        PID:1988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        108⤵
        
        PID:2072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        109⤵
        
        PID:1292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        110⤵
        
        PID:2976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        111⤵
        
        PID:1064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        112⤵
        
        PID:3712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        113⤵
        
        PID:3832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        114⤵
        
        PID:3396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        115⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        116⤵
        
        PID:5136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        117⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        118⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        119⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        120⤵
        
        PID:5200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        121⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        122⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        123⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        124⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        125⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        126⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        127⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        128⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        129⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        130⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        131⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        132⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        133⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        134⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        135⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        136⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        137⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        138⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        139⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        140⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        141⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        142⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        143⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        144⤵
        
        PID:5572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        145⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        146⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        147⤵
        
        PID:5620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        148⤵
        
        PID:5636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        149⤵
        
        PID:5648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        150⤵
        
        PID:5664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        151⤵
        
        PID:5680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        152⤵
        
        PID:5696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        153⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        154⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        155⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        156⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        157⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        158⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        159⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        160⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        161⤵
        
        PID:5840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        162⤵
        
        PID:5856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        163⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        164⤵
        
        PID:5888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        165⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        166⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        167⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        168⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        169⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        170⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        171⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        172⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        173⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        174⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        175⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        176⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        177⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        178⤵
        
        PID:6100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        179⤵
        
        PID:6116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        180⤵
        
        PID:6132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        181⤵
        
        PID:3752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        182⤵
        
        PID:2968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        183⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        184⤵
        
        PID:648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        185⤵
        
        PID:2188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        186⤵
        
        PID:756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        187⤵
        
        PID:6152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        188⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        189⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        190⤵
        
        PID:6192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        191⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        192⤵
        
        PID:6224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        193⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        194⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        195⤵
        
        PID:6276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        196⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        197⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        198⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        199⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        200⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        201⤵
        
        PID:6372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        202⤵
        
        PID:6388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        203⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        204⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        205⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        206⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        207⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        208⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        209⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        210⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        211⤵
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        212⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        213⤵
        
        PID:6560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        214⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        215⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        216⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        217⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        218⤵
        
        PID:6636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        219⤵
        
        PID:6652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        220⤵
        
        PID:6668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        221⤵
        
        PID:6684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        222⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        223⤵
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        224⤵
        
        PID:6732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        225⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        226⤵
        
        PID:6764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        227⤵
        
        PID:6784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        228⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        229⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        230⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        231⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        232⤵
        
        PID:6860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        233⤵
        
        PID:6876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        234⤵
        
        PID:6892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        235⤵
        
        PID:6908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        236⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        237⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        238⤵
        
        PID:6956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        239⤵
        
        PID:6968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        240⤵
        
        PID:6980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        241⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        242⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        243⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        244⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        245⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        246⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        247⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        248⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        249⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        250⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        251⤵
        
        PID:7148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        252⤵
        
        PID:7164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        253⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        254⤵
        
        PID:7192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        255⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        256⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        257⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        258⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        259⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        260⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        261⤵
        
        PID:7304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        262⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        263⤵
        
        PID:7332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        264⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        265⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        266⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        267⤵
        
        PID:7392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        268⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        269⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        270⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        271⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        272⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        273⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        274⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        275⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        276⤵
        
        PID:7532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        277⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        278⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        279⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        280⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        281⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        282⤵
        
        PID:7620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        283⤵
        
        PID:7632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        284⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        285⤵
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        286⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        287⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        288⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        289⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        290⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        291⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        292⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        293⤵
        
        PID:7788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        294⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        295⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        296⤵
        
        PID:7828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        297⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        298⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        299⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        300⤵
        
        PID:7892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        301⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        302⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        303⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        304⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        305⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        306⤵
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        307⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        308⤵
        
        PID:8012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        309⤵
        
        PID:8028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        310⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        311⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        312⤵
        
        PID:8072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        313⤵
        
        PID:8088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        314⤵
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        315⤵
        
        PID:8120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        316⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        317⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        318⤵
        
        PID:8160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        319⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        320⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        321⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        322⤵
        
        PID:8224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        323⤵
        
        PID:8240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        324⤵
        
        PID:8256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        325⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        326⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        327⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        328⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        329⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        330⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        331⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        332⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        333⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        334⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        335⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        336⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        337⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        338⤵
        
        PID:8476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        339⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        340⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        341⤵
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        342⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        343⤵
        
        PID:8552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        344⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        345⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        346⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        347⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        348⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        349⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        350⤵
        
        PID:8660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        351⤵
        
        PID:8676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        352⤵
        
        PID:8688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        353⤵
        
        PID:8704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        354⤵
        
        PID:8720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        355⤵
        
        PID:8736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        356⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        357⤵
        
        PID:8764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        358⤵
        
        PID:8776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        359⤵
        
        PID:8788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        360⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        361⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        362⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        363⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        364⤵
        
        PID:8856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        365⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        366⤵
        
        PID:8892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        367⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        368⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        369⤵
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        370⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        371⤵
        
        PID:8968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        372⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        373⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        374⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        375⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        376⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        377⤵
        
        PID:9060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        378⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        379⤵
        
        PID:9088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        380⤵
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        381⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        382⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        383⤵
        
        PID:9148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        384⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        385⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        386⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        387⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        388⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        389⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        390⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        391⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        392⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        393⤵
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        394⤵
        
        PID:9316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        395⤵
        
        PID:9332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        396⤵
        
        PID:9348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        397⤵
        
        PID:9360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        398⤵
        
        PID:9376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        399⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        400⤵
        
        PID:9404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        401⤵
        
        PID:9420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        402⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        403⤵
        
        PID:9452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        404⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        405⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        406⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        407⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        408⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        409⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        410⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        411⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        412⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        413⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        414⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        415⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        416⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        417⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        418⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        419⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        420⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        421⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        422⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        423⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        424⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        425⤵
        
        PID:9780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        426⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        427⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        428⤵
        
        PID:9832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        429⤵
        
        PID:9848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        430⤵
        
        PID:9860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        431⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        432⤵
        
        PID:9892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        433⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        434⤵
        
        PID:9920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        435⤵
        
        PID:9936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        436⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        437⤵
        
        PID:9968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        438⤵
        
        PID:9984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        439⤵
        
        PID:10000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        440⤵
        
        PID:10016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        441⤵
        
        PID:10028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        442⤵
        
        PID:10044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        443⤵
        
        PID:10060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        444⤵
        
        PID:10076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        445⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        446⤵
        
        PID:10108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        447⤵
        
        PID:10120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        448⤵
        
        PID:10136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        449⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        450⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        451⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        452⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        453⤵
        
        PID:10212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        454⤵
        
        PID:10228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        455⤵
        
        PID:10244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        456⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        457⤵
        
        PID:10276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        458⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        459⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        460⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        461⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        462⤵
        
        PID:10352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        463⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        464⤵
        
        PID:10380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        465⤵
        
        PID:10396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        466⤵
        
        PID:10412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        467⤵
        
        PID:10424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        468⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        469⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        470⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        471⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        472⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        473⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        474⤵
        
        PID:10532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        475⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        476⤵
        
        PID:10560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        477⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        478⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        479⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        480⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        481⤵
        
        PID:10636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        482⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        483⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        484⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        485⤵
        
        PID:10696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        486⤵
        
        PID:10712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        487⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        488⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        489⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        490⤵
        
        PID:10768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        491⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        492⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        493⤵
        
        PID:10816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        494⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        495⤵
        
        PID:10840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        496⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        497⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        498⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        499⤵
        
        PID:10900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        500⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        501⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        502⤵
        
        PID:10948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        503⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        504⤵
        
        PID:10976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        505⤵
        
        PID:10988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        506⤵
        
        PID:11004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        507⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        508⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        509⤵
        
        PID:11048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        510⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        511⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        512⤵
        
        PID:11096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        513⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        514⤵
        
        PID:11124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        515⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        516⤵
        
        PID:11160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        517⤵
        
        PID:11176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        518⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        519⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        520⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        521⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        522⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        523⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        524⤵
        
        PID:11280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        525⤵
        
        PID:11296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        526⤵
        
        PID:11312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        527⤵
        
        PID:11328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        528⤵
        
        PID:11344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        529⤵
        
        PID:11360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        530⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        531⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        532⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        533⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        534⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        535⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        536⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        537⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        538⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        539⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        540⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        541⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        542⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        543⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        544⤵
        
        PID:11588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        545⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        546⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        547⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        548⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        549⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        550⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        551⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        552⤵
        
        PID:11708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        553⤵
        
        PID:11720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        554⤵
        
        PID:11732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        555⤵
        
        PID:11748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        556⤵
        
        PID:11760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        557⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        558⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        559⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        560⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        561⤵
        
        PID:11840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        562⤵
        
        PID:11856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        563⤵
        
        PID:11872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        564⤵
        
        PID:11888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        565⤵
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        566⤵
        
        PID:11920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        567⤵
        
        PID:11936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        568⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        569⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        570⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        571⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        572⤵
        
        PID:12008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        573⤵
        
        PID:12024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        574⤵
        
        PID:12040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        575⤵
        
        PID:12056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        576⤵
        
        PID:12072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        577⤵
        
        PID:12084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        578⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        579⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        580⤵
        
        PID:12132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        581⤵
        
        PID:12148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        582⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        583⤵
        
        PID:12180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        584⤵
        
        PID:12196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        585⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        586⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        587⤵
        
        PID:12240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        588⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        589⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        590⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        591⤵
        
        PID:11768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        592⤵
        
        PID:12300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        593⤵
        
        PID:12316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        594⤵
        
        PID:12328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        595⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        596⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        597⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        598⤵
        
        PID:12384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        599⤵
        
        PID:12400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        600⤵
        
        PID:12416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        601⤵
        
        PID:12432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        602⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        603⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        604⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        605⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        606⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        607⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        608⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        609⤵
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        610⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        611⤵
        
        PID:12592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        612⤵
        
        PID:12608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        613⤵
        
        PID:12624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        614⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        615⤵
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        616⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        617⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        618⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        619⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        620⤵
        
        PID:12724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        621⤵
        
        PID:12740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        622⤵
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        623⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        624⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        625⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        626⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        627⤵
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        628⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        629⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        630⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        631⤵
        
        PID:12892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        632⤵
        
        PID:12908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        633⤵
        
        PID:12924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        634⤵
        
        PID:12936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        635⤵
        
        PID:12948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        636⤵
        
        PID:12964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        637⤵
        
        PID:12976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        638⤵
        
        PID:12992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        639⤵
        
        PID:13004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        640⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        641⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        642⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        643⤵
        
        PID:13068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        644⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        645⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        646⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        647⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        648⤵
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        649⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        650⤵
        
        PID:13180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        651⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        652⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        653⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        654⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        655⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        656⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        657⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        658⤵
        
        PID:13296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        659⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        660⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        661⤵
        
        PID:13344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        662⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        663⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        664⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        665⤵
        
        PID:13396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        666⤵
        
        PID:13412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        667⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        668⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        669⤵
        
        PID:13460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        670⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        671⤵
        
        PID:13492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        672⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        673⤵
        
        PID:13524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        674⤵
        
        PID:13540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        675⤵
        
        PID:13556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        676⤵
        
        PID:13572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        677⤵
        
        PID:13588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        678⤵
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        679⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        680⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        681⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        682⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        683⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        684⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        685⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        686⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        687⤵
        
        PID:13736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        688⤵
        
        PID:13752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        689⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        690⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        691⤵
        
        PID:13804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        692⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        693⤵
        
        PID:13836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        694⤵
        
        PID:13852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        695⤵
        
        PID:13868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        696⤵
        
        PID:13884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        697⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        698⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        699⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        700⤵
        
        PID:13944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        701⤵
        
        PID:13956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        702⤵
        
        PID:13972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        703⤵
        
        PID:13988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        704⤵
        
        PID:14004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        705⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        706⤵
        
        PID:14052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        707⤵
        
        PID:14064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        708⤵
        
        PID:14076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        709⤵
        
        PID:14092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        710⤵
        
        PID:14108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        711⤵
        
        PID:14124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        712⤵
        
        PID:14140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        713⤵
        
        PID:14156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        714⤵
        
        PID:14168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        715⤵
        
        PID:14184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        716⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        717⤵
        
        PID:14216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        718⤵
        
        PID:14232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        719⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        720⤵
        
        PID:14260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        721⤵
        
        PID:14276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        722⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        723⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        724⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        725⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        726⤵
        
        PID:14348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        727⤵
        
        PID:14364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        728⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        729⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        730⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        731⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        732⤵
        
        PID:14432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        733⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        734⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        735⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        736⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        737⤵
        
        PID:14508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        738⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        739⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        740⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        741⤵
        
        PID:14568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        742⤵
        
        PID:14580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        743⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        744⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        745⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        746⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        747⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        748⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        749⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        750⤵
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        751⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        752⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        753⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        754⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        755⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        756⤵
        
        PID:14796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        757⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        758⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        759⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        760⤵
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        761⤵
        
        PID:14868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        762⤵
        
        PID:14880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        763⤵
        
        PID:14892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        764⤵
        
        PID:14908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        765⤵
        
        PID:14924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        766⤵
        
        PID:14940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        767⤵
        
        PID:14956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        768⤵
        
        PID:14972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        769⤵
        
        PID:14988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        770⤵
        
        PID:15004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        771⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        772⤵
        
        PID:15032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        773⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        774⤵
        
        PID:15064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        775⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        776⤵
        
        PID:15096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        777⤵
        
        PID:15112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        778⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        779⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        780⤵
        
        PID:15160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        781⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        782⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        783⤵
        
        PID:15204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        784⤵
        
        PID:15216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        785⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        786⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        787⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        788⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        789⤵
        
        PID:15292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        790⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        791⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        792⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        793⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        794⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        795⤵
        
        PID:5092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        796⤵
        
        PID:2324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        797⤵
        
        PID:15376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        798⤵
        
        PID:15392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        799⤵
        
        PID:15408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        800⤵
        
        PID:15424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        801⤵
        
        PID:15440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        802⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        803⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        804⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        805⤵
        
        PID:15496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        806⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        807⤵
        
        PID:15524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        808⤵
        
        PID:15540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        809⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        810⤵
        
        PID:15572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        811⤵
        
        PID:15588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        812⤵
        
        PID:15604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        813⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        814⤵
        
        PID:15632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        815⤵
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        816⤵
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        817⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        818⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        819⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        820⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        821⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        822⤵
        
        PID:15764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        823⤵
        
        PID:15780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        824⤵
        
        PID:15796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        825⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        826⤵
        
        PID:15824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        827⤵
        
        PID:15840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        828⤵
        
        PID:15856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        829⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        830⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        831⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        832⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        833⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        834⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        835⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        836⤵
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        837⤵
        
        PID:15996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        838⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        839⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        840⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        841⤵
        
        PID:16056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        842⤵
        
        PID:16072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        843⤵
        
        PID:16088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        844⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        845⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        846⤵
        
        PID:16132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        847⤵
        
        PID:16148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        848⤵
        
        PID:16164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        849⤵
        
        PID:16180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        850⤵
        
        PID:16196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        851⤵
        
        PID:16208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        852⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        853⤵
        
        PID:16240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        854⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        855⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        856⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        857⤵
        
        PID:16304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        858⤵
        
        PID:16320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        859⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        860⤵
        
        PID:16352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        861⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        862⤵
        
        PID:15024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        863⤵
        
        PID:16396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        864⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        865⤵
        
        PID:16428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        866⤵
        
        PID:16444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        867⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        868⤵
        
        PID:16472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        869⤵
        
        PID:16488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        870⤵
        
        PID:16504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        871⤵
        
        PID:16520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        872⤵
        
        PID:16536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        873⤵
        
        PID:16552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        874⤵
        
        PID:16568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        875⤵
        
        PID:16584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        876⤵
        
        PID:16600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        877⤵
        
        PID:16612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\3f9b712be290d666c5242b4d22c274a1_JaffaCakes118.dll,#1
        878⤵
        
        PID:16628

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:16828

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

147.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.142.123.92.in-addr.arpa

IN PTR

Response

147.142.123.92.in-addr.arpa

IN PTR

a92-123-142-147deploystaticakamaitechnologiescom
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

147.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

147.142.123.92.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16536-4-0x0000000074C20000-0x0000000074EA4000-memory.dmp

Filesize
2.5MB

Download
memory/16552-3-0x0000000074C20000-0x0000000074EA4000-memory.dmp

Filesize
2.5MB

Download
memory/16568-2-0x0000000074C20000-0x0000000074EA4000-memory.dmp

Filesize
2.5MB

Download
memory/16584-1-0x0000000074C20000-0x0000000074EA4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.