43d0e290e9e62c39181b89a74bb39a53cb0e474f8873ac854c96879ef7692978

Analysis

max time kernel
119s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 16:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll
Size

281KB
MD5

4a8826a7b87e15ec748820109c4124ae
SHA1

1830bcd2e037298e10681a2cb75cc283f607cdce
SHA256

43d0e290e9e62c39181b89a74bb39a53cb0e474f8873ac854c96879ef7692978
SHA512

24266943127d05880b7971fe2c50b39a8042c87ba3f5dc0bfb63c67397254f75570273703241fe5d830c945d576ce5a1434c335fc6a65af57e87bcc14028324e
SSDEEP

6144:crIYfo5EcZQS6wYkQ+Yjut9Z2MH17KcUD1R6xg:dY/EQhu7Z2MV7KxD1t

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	17316	dwm.exe
Token: SeChangeNotifyPrivilege	17316	dwm.exe
Token: 33	17316	dwm.exe
Token: SeIncBasePriorityPrivilege	17316	dwm.exe
Token: SeShutdownPrivilege	17316	dwm.exe
Token: SeCreatePagefilePrivilege	17316	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2760 wrote to memory of 4156	2760	rundll32.exe	83
PID 2760 wrote to memory of 4156	2760	rundll32.exe	83
PID 2760 wrote to memory of 4156	2760	rundll32.exe	83
PID 4156 wrote to memory of 928	4156	rundll32.exe	85
PID 4156 wrote to memory of 928	4156	rundll32.exe	85
PID 4156 wrote to memory of 928	4156	rundll32.exe	85
PID 928 wrote to memory of 2228	928	rundll32.exe	86
PID 928 wrote to memory of 2228	928	rundll32.exe	86
PID 928 wrote to memory of 2228	928	rundll32.exe	86
PID 2228 wrote to memory of 2148	2228	rundll32.exe	87
PID 2228 wrote to memory of 2148	2228	rundll32.exe	87
PID 2228 wrote to memory of 2148	2228	rundll32.exe	87
PID 2148 wrote to memory of 1376	2148	rundll32.exe	88
PID 2148 wrote to memory of 1376	2148	rundll32.exe	88
PID 2148 wrote to memory of 1376	2148	rundll32.exe	88
PID 1376 wrote to memory of 1208	1376	rundll32.exe	89
PID 1376 wrote to memory of 1208	1376	rundll32.exe	89
PID 1376 wrote to memory of 1208	1376	rundll32.exe	89
PID 1208 wrote to memory of 1088	1208	rundll32.exe	90
PID 1208 wrote to memory of 1088	1208	rundll32.exe	90
PID 1208 wrote to memory of 1088	1208	rundll32.exe	90
PID 1088 wrote to memory of 1236	1088	rundll32.exe	91
PID 1088 wrote to memory of 1236	1088	rundll32.exe	91
PID 1088 wrote to memory of 1236	1088	rundll32.exe	91
PID 1236 wrote to memory of 3648	1236	rundll32.exe	92
PID 1236 wrote to memory of 3648	1236	rundll32.exe	92
PID 1236 wrote to memory of 3648	1236	rundll32.exe	92
PID 3648 wrote to memory of 2220	3648	rundll32.exe	93
PID 3648 wrote to memory of 2220	3648	rundll32.exe	93
PID 3648 wrote to memory of 2220	3648	rundll32.exe	93
PID 2220 wrote to memory of 3976	2220	rundll32.exe	95
PID 2220 wrote to memory of 3976	2220	rundll32.exe	95
PID 2220 wrote to memory of 3976	2220	rundll32.exe	95
PID 3976 wrote to memory of 116	3976	rundll32.exe	96
PID 3976 wrote to memory of 116	3976	rundll32.exe	96
PID 3976 wrote to memory of 116	3976	rundll32.exe	96
PID 116 wrote to memory of 1644	116	rundll32.exe	97
PID 116 wrote to memory of 1644	116	rundll32.exe	97
PID 116 wrote to memory of 1644	116	rundll32.exe	97
PID 1644 wrote to memory of 1640	1644	rundll32.exe	98
PID 1644 wrote to memory of 1640	1644	rundll32.exe	98
PID 1644 wrote to memory of 1640	1644	rundll32.exe	98
PID 1640 wrote to memory of 1156	1640	rundll32.exe	99
PID 1640 wrote to memory of 1156	1640	rundll32.exe	99
PID 1640 wrote to memory of 1156	1640	rundll32.exe	99
PID 1156 wrote to memory of 4192	1156	rundll32.exe	100
PID 1156 wrote to memory of 4192	1156	rundll32.exe	100
PID 1156 wrote to memory of 4192	1156	rundll32.exe	100
PID 4192 wrote to memory of 3020	4192	rundll32.exe	101
PID 4192 wrote to memory of 3020	4192	rundll32.exe	101
PID 4192 wrote to memory of 3020	4192	rundll32.exe	101
PID 3020 wrote to memory of 3232	3020	rundll32.exe	102
PID 3020 wrote to memory of 3232	3020	rundll32.exe	102
PID 3020 wrote to memory of 3232	3020	rundll32.exe	102
PID 3232 wrote to memory of 440	3232	rundll32.exe	104
PID 3232 wrote to memory of 440	3232	rundll32.exe	104
PID 3232 wrote to memory of 440	3232	rundll32.exe	104
PID 440 wrote to memory of 1880	440	rundll32.exe	105
PID 440 wrote to memory of 1880	440	rundll32.exe	105
PID 440 wrote to memory of 1880	440	rundll32.exe	105
PID 1880 wrote to memory of 4256	1880	rundll32.exe	106
PID 1880 wrote to memory of 4256	1880	rundll32.exe	106
PID 1880 wrote to memory of 4256	1880	rundll32.exe	106
PID 4256 wrote to memory of 1956	4256	rundll32.exe	107

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2760
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4156
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:928
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:2228
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:2148
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:1376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:1208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:1088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:1236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:3648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:1640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:4192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:3020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:1880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:4256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        23⤵
        
        PID:1956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        24⤵
        
        PID:3660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        25⤵
        
        PID:456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        26⤵
        
        PID:2328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        27⤵
        
        PID:796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        28⤵
        
        PID:2844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        29⤵
        
        PID:4944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        30⤵
        
        PID:8
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        31⤵
        
        PID:4392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        32⤵
        
        PID:4656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        33⤵
        
        PID:1340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        34⤵
        
        PID:632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        35⤵
        
        PID:2444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        36⤵
        
        PID:4404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        37⤵
        
        PID:748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        38⤵
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        39⤵
        
        PID:1840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        40⤵
        
        PID:3052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        41⤵
        
        PID:4588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        42⤵
        
        PID:4796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        43⤵
        
        PID:2384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        44⤵
        
        PID:972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        45⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        46⤵
        
        PID:4452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        47⤵
        
        PID:4972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        48⤵
        
        PID:3000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        49⤵
        
        PID:4824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        50⤵
        
        PID:112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        51⤵
        
        PID:2268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        52⤵
        
        PID:4932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        53⤵
        
        PID:4484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        54⤵
        
        PID:4592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        55⤵
        
        PID:4556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        56⤵
        
        PID:2344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        57⤵
        
        PID:4116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        58⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        59⤵
        
        PID:4276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        60⤵
        
        PID:4812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        61⤵
        
        PID:2864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        62⤵
        
        PID:2752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        63⤵
        
        PID:2180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        64⤵
        
        PID:3012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        65⤵
        
        PID:3832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        66⤵
        
        PID:4316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        67⤵
        
        PID:3916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        68⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        69⤵
        
        PID:3364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        70⤵
        
        PID:3496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        71⤵
        
        PID:1884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        72⤵
        
        PID:2720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        73⤵
        
        PID:1216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        74⤵
        
        PID:4340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        75⤵
        
        PID:1464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        76⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        77⤵
        
        PID:1560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        78⤵
        
        PID:1848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        79⤵
        
        PID:1548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        80⤵
        
        PID:2592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        81⤵
        
        PID:3964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        82⤵
        
        PID:2556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        83⤵
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        84⤵
        
        PID:4084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        85⤵
        
        PID:3472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        86⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        87⤵
        
        PID:2732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        88⤵
        
        PID:1020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        89⤵
        
        PID:4800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        90⤵
        
        PID:3712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        91⤵
        
        PID:1620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        92⤵
        
        PID:4488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        93⤵
        
        PID:536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        94⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        95⤵
        
        PID:940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        96⤵
        
        PID:1028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        97⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        98⤵
        
        PID:3064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        99⤵
        
        PID:4152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        100⤵
        
        PID:4260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        101⤵
        
        PID:4868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        102⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        103⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        104⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        105⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        106⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        107⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        108⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        109⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        110⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        111⤵
        
        PID:5272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        112⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        113⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        114⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        115⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        116⤵
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        117⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        118⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        119⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        120⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        121⤵
        
        PID:5432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        122⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        123⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        124⤵
        
        PID:5476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        125⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        126⤵
        
        PID:5516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        127⤵
        
        PID:5532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        128⤵
        
        PID:5548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        129⤵
        
        PID:5564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        130⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        131⤵
        
        PID:5596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        132⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        133⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        134⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        135⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        136⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        137⤵
        
        PID:5684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        138⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        139⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        140⤵
        
        PID:5732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        141⤵
        
        PID:5748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        142⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        143⤵
        
        PID:5772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        144⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        145⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        146⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        147⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        148⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        149⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        150⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        151⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        152⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        153⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        154⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        155⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        156⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        157⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        158⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        159⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        160⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        161⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        162⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        163⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        164⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        165⤵
        
        PID:6100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        166⤵
        
        PID:6116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        167⤵
        
        PID:6132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        168⤵
        
        PID:6148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        169⤵
        
        PID:6164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        170⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        171⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        172⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        173⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        174⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        175⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        176⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        177⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        178⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        179⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        180⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        181⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        182⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        183⤵
        
        PID:6380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        184⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        185⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        186⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        187⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        188⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        189⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        190⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        191⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        192⤵
        
        PID:6516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        193⤵
        
        PID:6528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        194⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        195⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        196⤵
        
        PID:6576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        197⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        198⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        199⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        200⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        201⤵
        
        PID:6652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        202⤵
        
        PID:6668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        203⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        204⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        205⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        206⤵
        
        PID:6724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        207⤵
        
        PID:6740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        208⤵
        
        PID:6756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        209⤵
        
        PID:6772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        210⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        211⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        212⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        213⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        214⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        215⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        216⤵
        
        PID:6888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        217⤵
        
        PID:6904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        218⤵
        
        PID:6920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        219⤵
        
        PID:6936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        220⤵
        
        PID:6952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        221⤵
        
        PID:6968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        222⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        223⤵
        
        PID:7000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        224⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        225⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        226⤵
        
        PID:7044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        227⤵
        
        PID:7060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        228⤵
        
        PID:7080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        229⤵
        
        PID:7092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        230⤵
        
        PID:7108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        231⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        232⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        233⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        234⤵
        
        PID:4500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        235⤵
        
        PID:5036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        236⤵
        
        PID:4524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        237⤵
        
        PID:420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        238⤵
        
        PID:1700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        239⤵
        
        PID:2552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        240⤵
        
        PID:880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        241⤵
        
        PID:468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        242⤵
        
        PID:1996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        243⤵
        
        PID:4760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        244⤵
        
        PID:2256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        245⤵
        
        PID:2284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        246⤵
        
        PID:3116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        247⤵
        
        PID:1776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        248⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        249⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        250⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        251⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        252⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        253⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        254⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        255⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        256⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        257⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        258⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        259⤵
        
        PID:7352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        260⤵
        
        PID:7372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        261⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        262⤵
        
        PID:7400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        263⤵
        
        PID:7416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        264⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        265⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        266⤵
        
        PID:7468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        267⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        268⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        269⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        270⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        271⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        272⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        273⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        274⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        275⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        276⤵
        
        PID:7616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        277⤵
        
        PID:7632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        278⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        279⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        280⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        281⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        282⤵
        
        PID:7708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        283⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        284⤵
        
        PID:7736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        285⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        286⤵
        
        PID:7764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        287⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        288⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        289⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        290⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        291⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        292⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        293⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        294⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        295⤵
        
        PID:7892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        296⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        297⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        298⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        299⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        300⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        301⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        302⤵
        
        PID:8000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        303⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        304⤵
        
        PID:8028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        305⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        306⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        307⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        308⤵
        
        PID:8088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        309⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        310⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        311⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        312⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        313⤵
        
        PID:8160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        314⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        315⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        316⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        317⤵
        
        PID:4324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        318⤵
        
        PID:1920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        319⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        320⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        321⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        322⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        323⤵
        
        PID:8240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        324⤵
        
        PID:8256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        325⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        326⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        327⤵
        
        PID:8300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        328⤵
        
        PID:8316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        329⤵
        
        PID:8328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        330⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        331⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        332⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        333⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        334⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        335⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        336⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        337⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        338⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        339⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        340⤵
        
        PID:8500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        341⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        342⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        343⤵
        
        PID:8544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        344⤵
        
        PID:8560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        345⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        346⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        347⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        348⤵
        
        PID:8624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        349⤵
        
        PID:8640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        350⤵
        
        PID:8652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        351⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        352⤵
        
        PID:8684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        353⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        354⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        355⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        356⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        357⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        358⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        359⤵
        
        PID:8788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        360⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        361⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        362⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        363⤵
        
        PID:8848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        364⤵
        
        PID:8864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        365⤵
        
        PID:8876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        366⤵
        
        PID:8888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        367⤵
        
        PID:8904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        368⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        369⤵
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        370⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        371⤵
        
        PID:8964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        372⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        373⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        374⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        375⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        376⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        377⤵
        
        PID:9052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        378⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        379⤵
        
        PID:9084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        380⤵
        
        PID:9100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        381⤵
        
        PID:9116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        382⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        383⤵
        
        PID:9144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        384⤵
        
        PID:9156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        385⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        386⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        387⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        388⤵
        
        PID:804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        389⤵
        
        PID:2968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        390⤵
        
        PID:9228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        391⤵
        
        PID:9244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        392⤵
        
        PID:9260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        393⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        394⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        395⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        396⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        397⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        398⤵
        
        PID:9356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        399⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        400⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        401⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        402⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        403⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        404⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        405⤵
        
        PID:9460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        406⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        407⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        408⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        409⤵
        
        PID:9528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        410⤵
        
        PID:9544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        411⤵
        
        PID:9560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        412⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        413⤵
        
        PID:9592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        414⤵
        
        PID:9608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        415⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        416⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        417⤵
        
        PID:9652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        418⤵
        
        PID:9668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        419⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        420⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        421⤵
        
        PID:9712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        422⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        423⤵
        
        PID:9744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        424⤵
        
        PID:9760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        425⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        426⤵
        
        PID:9788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        427⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        428⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        429⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        430⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        431⤵
        
        PID:9868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        432⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        433⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        434⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        435⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        436⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        437⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        438⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        439⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        440⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        441⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        442⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        443⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        444⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        445⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        446⤵
        
        PID:10096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        447⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        448⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        449⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        450⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        451⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        452⤵
        
        PID:10192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        453⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        454⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        455⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        456⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        457⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        458⤵
        
        PID:10276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        459⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        460⤵
        
        PID:10304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        461⤵
        
        PID:10320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        462⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        463⤵
        
        PID:10352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        464⤵
        
        PID:10368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        465⤵
        
        PID:10384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        466⤵
        
        PID:10396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        467⤵
        
        PID:10412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        468⤵
        
        PID:10428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        469⤵
        
        PID:10444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        470⤵
        
        PID:10456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        471⤵
        
        PID:10472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        472⤵
        
        PID:10488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        473⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        474⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        475⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        476⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        477⤵
        
        PID:10560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        478⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        479⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        480⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        481⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        482⤵
        
        PID:10636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        483⤵
        
        PID:10652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        484⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        485⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        486⤵
        
        PID:10696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        487⤵
        
        PID:10712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        488⤵
        
        PID:10724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        489⤵
        
        PID:10736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        490⤵
        
        PID:10752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        491⤵
        
        PID:10768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        492⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        493⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        494⤵
        
        PID:10816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        495⤵
        
        PID:10832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        496⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        497⤵
        
        PID:10864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        498⤵
        
        PID:10880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        499⤵
        
        PID:10896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        500⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        501⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        502⤵
        
        PID:10948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        503⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        504⤵
        
        PID:10976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        505⤵
        
        PID:10988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        506⤵
        
        PID:11008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        507⤵
        
        PID:11024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        508⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        509⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        510⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        511⤵
        
        PID:11088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        512⤵
        
        PID:11104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        513⤵
        
        PID:11120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        514⤵
        
        PID:11136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        515⤵
        
        PID:11148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        516⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        517⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        518⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        519⤵
        
        PID:11212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        520⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        521⤵
        
        PID:11244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        522⤵
        
        PID:11256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        523⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        524⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        525⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        526⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        527⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        528⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        529⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        530⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        531⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        532⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        533⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        534⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        535⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        536⤵
        
        PID:11468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        537⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        538⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        539⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        540⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        541⤵
        
        PID:11540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        542⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        543⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        544⤵
        
        PID:11588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        545⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        546⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        547⤵
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        548⤵
        
        PID:11644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        549⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        550⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        551⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        552⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        553⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        554⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        555⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        556⤵
        
        PID:11768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        557⤵
        
        PID:11780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        558⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        559⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        560⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        561⤵
        
        PID:11840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        562⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        563⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        564⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        565⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        566⤵
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        567⤵
        
        PID:11920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        568⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        569⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        570⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        571⤵
        
        PID:11988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        572⤵
        
        PID:12004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        573⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        574⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        575⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        576⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        577⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        578⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        579⤵
        
        PID:12108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        580⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        581⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        582⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        583⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        584⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        585⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        586⤵
        
        PID:12220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        587⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        588⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        589⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        590⤵
        
        PID:12284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        591⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        592⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        593⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        594⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        595⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        596⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        597⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        598⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        599⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        600⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        601⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        602⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        603⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        604⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        605⤵
        
        PID:12520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        606⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        607⤵
        
        PID:12552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        608⤵
        
        PID:12568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        609⤵
        
        PID:12584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        610⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        611⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        612⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        613⤵
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        614⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        615⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        616⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        617⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        618⤵
        
        PID:12728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        619⤵
        
        PID:12740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        620⤵
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        621⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        622⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        623⤵
        
        PID:12804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        624⤵
        
        PID:12820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        625⤵
        
        PID:12836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        626⤵
        
        PID:12852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        627⤵
        
        PID:12868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        628⤵
        
        PID:12884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        629⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        630⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        631⤵
        
        PID:12928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        632⤵
        
        PID:12944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        633⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        634⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        635⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        636⤵
        
        PID:13004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        637⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        638⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        639⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        640⤵
        
        PID:13068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        641⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        642⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        643⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        644⤵
        
        PID:13136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        645⤵
        
        PID:13152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        646⤵
        
        PID:13168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        647⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        648⤵
        
        PID:13200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        649⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        650⤵
        
        PID:13232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        651⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        652⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        653⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        654⤵
        
        PID:13296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        655⤵
        
        PID:3480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        656⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        657⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        658⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        659⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        660⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        661⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        662⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        663⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        664⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        665⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        666⤵
        
        PID:13480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        667⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        668⤵
        
        PID:13516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        669⤵
        
        PID:13532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        670⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        671⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        672⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        673⤵
        
        PID:13596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        674⤵
        
        PID:13612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        675⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        676⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        677⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        678⤵
        
        PID:13668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        679⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        680⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        681⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        682⤵
        
        PID:13736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        683⤵
        
        PID:13748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        684⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        685⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        686⤵
        
        PID:13804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        687⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        688⤵
        
        PID:13836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        689⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        690⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        691⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        692⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        693⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        694⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        695⤵
        
        PID:13944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        696⤵
        
        PID:13960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        697⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        698⤵
        
        PID:13992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        699⤵
        
        PID:14004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        700⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        701⤵
        
        PID:14040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        702⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        703⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        704⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        705⤵
        
        PID:14104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        706⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        707⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        708⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        709⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        710⤵
        
        PID:14180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        711⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        712⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        713⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        714⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        715⤵
        
        PID:14260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        716⤵
        
        PID:14272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        717⤵
        
        PID:14292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        718⤵
        
        PID:14304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        719⤵
        
        PID:14316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        720⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        721⤵
        
        PID:13792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        722⤵
        
        PID:14352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        723⤵
        
        PID:14368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        724⤵
        
        PID:14384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        725⤵
        
        PID:14400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        726⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        727⤵
        
        PID:14432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        728⤵
        
        PID:14448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        729⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        730⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        731⤵
        
        PID:14500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        732⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        733⤵
        
        PID:14532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        734⤵
        
        PID:14544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        735⤵
        
        PID:14564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        736⤵
        
        PID:14596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        737⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        738⤵
        
        PID:14628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        739⤵
        
        PID:14644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        740⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        741⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        742⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        743⤵
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        744⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        745⤵
        
        PID:14740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        746⤵
        
        PID:14756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        747⤵
        
        PID:14772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        748⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        749⤵
        
        PID:14808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        750⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        751⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        752⤵
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        753⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        754⤵
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        755⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        756⤵
        
        PID:14916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        757⤵
        
        PID:14932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        758⤵
        
        PID:14944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        759⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        760⤵
        
        PID:14972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        761⤵
        
        PID:14992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        762⤵
        
        PID:15008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        763⤵
        
        PID:15020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        764⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        765⤵
        
        PID:15052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        766⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        767⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        768⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        769⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        770⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        771⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        772⤵
        
        PID:15160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        773⤵
        
        PID:15180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        774⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        775⤵
        
        PID:15208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        776⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        777⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        778⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        779⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        780⤵
        
        PID:15292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        781⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        782⤵
        
        PID:15320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        783⤵
        
        PID:15336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        784⤵
        
        PID:15352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        785⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        786⤵
        
        PID:15384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        787⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        788⤵
        
        PID:15412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        789⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        790⤵
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        791⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        792⤵
        
        PID:15476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        793⤵
        
        PID:15492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        794⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        795⤵
        
        PID:15520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        796⤵
        
        PID:15536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        797⤵
        
        PID:15552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        798⤵
        
        PID:15568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        799⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        800⤵
        
        PID:15596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        801⤵
        
        PID:15612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        802⤵
        
        PID:15628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        803⤵
        
        PID:15644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        804⤵
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        805⤵
        
        PID:15676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        806⤵
        
        PID:15692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        807⤵
        
        PID:15708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        808⤵
        
        PID:15724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        809⤵
        
        PID:15740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        810⤵
        
        PID:15756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        811⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        812⤵
        
        PID:15788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        813⤵
        
        PID:15804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        814⤵
        
        PID:15820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        815⤵
        
        PID:15836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        816⤵
        
        PID:15852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        817⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        818⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        819⤵
        
        PID:15900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        820⤵
        
        PID:15920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        821⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        822⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        823⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        824⤵
        
        PID:15984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        825⤵
        
        PID:16000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        826⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        827⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        828⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        829⤵
        
        PID:16060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        830⤵
        
        PID:16076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        831⤵
        
        PID:16092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        832⤵
        
        PID:16108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        833⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        834⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        835⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        836⤵
        
        PID:16172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        837⤵
        
        PID:16188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        838⤵
        
        PID:16204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        839⤵
        
        PID:16216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        840⤵
        
        PID:16232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        841⤵
        
        PID:16248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        842⤵
        
        PID:16264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        843⤵
        
        PID:16280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        844⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        845⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        846⤵
        
        PID:16324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        847⤵
        
        PID:16336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        848⤵
        
        PID:16352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        849⤵
        
        PID:16368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        850⤵
        
        PID:856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        851⤵
        
        PID:5040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        852⤵
        
        PID:5032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        853⤵
        
        PID:1452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        854⤵
        
        PID:16392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        855⤵
        
        PID:16408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        856⤵
        
        PID:16424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        857⤵
        
        PID:16440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        858⤵
        
        PID:16456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        859⤵
        
        PID:16472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        860⤵
        
        PID:16488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        861⤵
        
        PID:16508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        862⤵
        
        PID:16524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        863⤵
        
        PID:16540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        864⤵
        
        PID:16556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        865⤵
        
        PID:16568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        866⤵
        
        PID:16584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        867⤵
        
        PID:16600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        868⤵
        
        PID:16616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        869⤵
        
        PID:16632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        870⤵
        
        PID:16644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        871⤵
        
        PID:16660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        872⤵
        
        PID:16676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        873⤵
        
        PID:16692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        874⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        875⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        876⤵
        
        PID:16736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        877⤵
        
        PID:16752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        878⤵
        
        PID:16768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        879⤵
        
        PID:16784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        880⤵
        
        PID:16796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        881⤵
        
        PID:16812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        882⤵
        
        PID:16824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        883⤵
        
        PID:16844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        884⤵
        
        PID:16860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        885⤵
        
        PID:16876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        886⤵
        
        PID:16888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        887⤵
        
        PID:16904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        888⤵
        
        PID:16920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        889⤵
        
        PID:16932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        890⤵
        
        PID:16948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        891⤵
        
        PID:16964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a8826a7b87e15ec748820109c4124ae_JaffaCakes118.dll,#1
        892⤵
        
        PID:16980

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:17316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16920-4-0x00000000751F0000-0x0000000075474000-memory.dmp

Filesize
2.5MB

Download
memory/16932-3-0x00000000751F0000-0x0000000075474000-memory.dmp

Filesize
2.5MB

Download
memory/16948-2-0x00000000751F0000-0x0000000075474000-memory.dmp

Filesize
2.5MB

Download
memory/16964-1-0x00000000751F0000-0x0000000075474000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads