16eeb5e054c1835e5b2ab9fb36935217a269bd9d98a9d88ab90ae37376ef54d0

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2024, 09:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll
Size

6KB
MD5

4dc0e6a45d877a0760103c00738f6651
SHA1

b9ca3de0c637cba1eb6028f2eb2073d09e8323be
SHA256

16eeb5e054c1835e5b2ab9fb36935217a269bd9d98a9d88ab90ae37376ef54d0
SHA512

f7adb501a5eaef1446ad9ffd6b8c3a94c31f4d13b7a47fc655fb41a5feedcb6458487d48831e0a6aae206b7c54718c01b9e9c3d177fd2e86f0d00a00b75230ac
SSDEEP

96:nPzPo6uzAuAqlEOCksTWPlCrg7ej4X/J3EEPX4P7Kk6P1nR6s:n7Po6MAyuOxXlrdZEEPVk6tnJ

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	17220	dwm.exe
Token: SeChangeNotifyPrivilege	17220	dwm.exe
Token: 33	17220	dwm.exe
Token: SeIncBasePriorityPrivilege	17220	dwm.exe
Token: SeShutdownPrivilege	17220	dwm.exe
Token: SeCreatePagefilePrivilege	17220	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1528 wrote to memory of 4616	1528	rundll32.exe	83
PID 1528 wrote to memory of 4616	1528	rundll32.exe	83
PID 1528 wrote to memory of 4616	1528	rundll32.exe	83
PID 4616 wrote to memory of 1544	4616	rundll32.exe	84
PID 4616 wrote to memory of 1544	4616	rundll32.exe	84
PID 4616 wrote to memory of 1544	4616	rundll32.exe	84
PID 1544 wrote to memory of 1480	1544	rundll32.exe	85
PID 1544 wrote to memory of 1480	1544	rundll32.exe	85
PID 1544 wrote to memory of 1480	1544	rundll32.exe	85
PID 1480 wrote to memory of 4356	1480	rundll32.exe	86
PID 1480 wrote to memory of 4356	1480	rundll32.exe	86
PID 1480 wrote to memory of 4356	1480	rundll32.exe	86
PID 4356 wrote to memory of 2292	4356	rundll32.exe	88
PID 4356 wrote to memory of 2292	4356	rundll32.exe	88
PID 4356 wrote to memory of 2292	4356	rundll32.exe	88
PID 2292 wrote to memory of 4036	2292	rundll32.exe	89
PID 2292 wrote to memory of 4036	2292	rundll32.exe	89
PID 2292 wrote to memory of 4036	2292	rundll32.exe	89
PID 4036 wrote to memory of 884	4036	rundll32.exe	90
PID 4036 wrote to memory of 884	4036	rundll32.exe	90
PID 4036 wrote to memory of 884	4036	rundll32.exe	90
PID 884 wrote to memory of 2652	884	rundll32.exe	91
PID 884 wrote to memory of 2652	884	rundll32.exe	91
PID 884 wrote to memory of 2652	884	rundll32.exe	91
PID 2652 wrote to memory of 2764	2652	rundll32.exe	92
PID 2652 wrote to memory of 2764	2652	rundll32.exe	92
PID 2652 wrote to memory of 2764	2652	rundll32.exe	92
PID 2764 wrote to memory of 3628	2764	rundll32.exe	93
PID 2764 wrote to memory of 3628	2764	rundll32.exe	93
PID 2764 wrote to memory of 3628	2764	rundll32.exe	93
PID 3628 wrote to memory of 3788	3628	rundll32.exe	94
PID 3628 wrote to memory of 3788	3628	rundll32.exe	94
PID 3628 wrote to memory of 3788	3628	rundll32.exe	94
PID 3788 wrote to memory of 2912	3788	rundll32.exe	95
PID 3788 wrote to memory of 2912	3788	rundll32.exe	95
PID 3788 wrote to memory of 2912	3788	rundll32.exe	95
PID 2912 wrote to memory of 2220	2912	rundll32.exe	96
PID 2912 wrote to memory of 2220	2912	rundll32.exe	96
PID 2912 wrote to memory of 2220	2912	rundll32.exe	96
PID 2220 wrote to memory of 1908	2220	rundll32.exe	98
PID 2220 wrote to memory of 1908	2220	rundll32.exe	98
PID 2220 wrote to memory of 1908	2220	rundll32.exe	98
PID 1908 wrote to memory of 2040	1908	rundll32.exe	99
PID 1908 wrote to memory of 2040	1908	rundll32.exe	99
PID 1908 wrote to memory of 2040	1908	rundll32.exe	99
PID 2040 wrote to memory of 4044	2040	rundll32.exe	100
PID 2040 wrote to memory of 4044	2040	rundll32.exe	100
PID 2040 wrote to memory of 4044	2040	rundll32.exe	100
PID 4044 wrote to memory of 2552	4044	rundll32.exe	101
PID 4044 wrote to memory of 2552	4044	rundll32.exe	101
PID 4044 wrote to memory of 2552	4044	rundll32.exe	101
PID 2552 wrote to memory of 1044	2552	rundll32.exe	102
PID 2552 wrote to memory of 1044	2552	rundll32.exe	102
PID 2552 wrote to memory of 1044	2552	rundll32.exe	102
PID 1044 wrote to memory of 5000	1044	rundll32.exe	103
PID 1044 wrote to memory of 5000	1044	rundll32.exe	103
PID 1044 wrote to memory of 5000	1044	rundll32.exe	103
PID 5000 wrote to memory of 2452	5000	rundll32.exe	104
PID 5000 wrote to memory of 2452	5000	rundll32.exe	104
PID 5000 wrote to memory of 2452	5000	rundll32.exe	104
PID 2452 wrote to memory of 4648	2452	rundll32.exe	106
PID 2452 wrote to memory of 4648	2452	rundll32.exe	106
PID 2452 wrote to memory of 4648	2452	rundll32.exe	106
PID 4648 wrote to memory of 1932	4648	rundll32.exe	107

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1528
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4616
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1544
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1480
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:4356
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:2292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:4036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:2652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:1908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:4044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:1044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        23⤵
        
        PID:1932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        24⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        25⤵
        
        PID:3044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        26⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        27⤵
        
        PID:5072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        28⤵
        
        PID:2180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        29⤵
        
        PID:404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        30⤵
        
        PID:1160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        31⤵
        
        PID:1088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        32⤵
        
        PID:4152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        33⤵
        
        PID:2380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        34⤵
        
        PID:3544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        35⤵
        
        PID:4576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        36⤵
        
        PID:3616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        37⤵
        
        PID:4132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        38⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        39⤵
        
        PID:4760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        40⤵
        
        PID:4632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        41⤵
        
        PID:2332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        42⤵
        
        PID:2432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        43⤵
        
        PID:4780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        44⤵
        
        PID:1760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        45⤵
        
        PID:2156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        46⤵
        
        PID:4420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        47⤵
        
        PID:3576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        48⤵
        
        PID:3524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        49⤵
        
        PID:2884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        50⤵
        
        PID:1248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        51⤵
        
        PID:1176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        52⤵
        
        PID:2704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        53⤵
        
        PID:4332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        54⤵
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        55⤵
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        56⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        57⤵
        
        PID:1948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        58⤵
        
        PID:3908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        59⤵
        
        PID:4364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        60⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        61⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        62⤵
        
        PID:1628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        63⤵
        
        PID:3356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        64⤵
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        65⤵
        
        PID:4500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        66⤵
        
        PID:1492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        67⤵
        
        PID:2636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        68⤵
        
        PID:228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        69⤵
        
        PID:1048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        70⤵
        
        PID:952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        71⤵
        
        PID:1112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        72⤵
        
        PID:3744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        73⤵
        
        PID:2500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        74⤵
        
        PID:2112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        75⤵
        
        PID:2736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        76⤵
        
        PID:4608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        77⤵
        
        PID:2876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        78⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        79⤵
        
        PID:2880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        80⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        81⤵
        
        PID:1776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        82⤵
        
        PID:4416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        83⤵
        
        PID:4384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        84⤵
        
        PID:4316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        85⤵
        
        PID:3768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        86⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        87⤵
        
        PID:1164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        88⤵
        
        PID:1468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        89⤵
        
        PID:4216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        90⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        91⤵
        
        PID:3280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        92⤵
        
        PID:4712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        93⤵
        
        PID:3156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        94⤵
        
        PID:780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        95⤵
        
        PID:4372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        96⤵
        
        PID:1432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        97⤵
        
        PID:3340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        98⤵
        
        PID:3312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        99⤵
        
        PID:3992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        100⤵
        
        PID:3860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        101⤵
        
        PID:2976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        102⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        103⤵
        
        PID:1864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        104⤵
        
        PID:4692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        105⤵
        
        PID:1524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        106⤵
        
        PID:1264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        107⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        108⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        109⤵
        
        PID:5140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        110⤵
        
        PID:5156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        111⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        112⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        113⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        114⤵
        
        PID:5212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        115⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        116⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        117⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        118⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        119⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        120⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        121⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        122⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        123⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        124⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        125⤵
        
        PID:5380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        126⤵
        
        PID:5400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        127⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        128⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        129⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        130⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        131⤵
        
        PID:5480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        132⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        133⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        134⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        135⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        136⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        137⤵
        
        PID:5572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        138⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        139⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        140⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        141⤵
        
        PID:5632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        142⤵
        
        PID:5648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        143⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        144⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        145⤵
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        146⤵
        
        PID:5708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        147⤵
        
        PID:5724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        148⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        149⤵
        
        PID:5756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        150⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        151⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        152⤵
        
        PID:5804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        153⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        154⤵
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        155⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        156⤵
        
        PID:5856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        157⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        158⤵
        
        PID:5888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        159⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        160⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        161⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        162⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        163⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        164⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        165⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        166⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        167⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        168⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        169⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        170⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        171⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        172⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        173⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        174⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        175⤵
        
        PID:6140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        176⤵
        
        PID:3960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        177⤵
        
        PID:1404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        178⤵
        
        PID:1224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        179⤵
        
        PID:2228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        180⤵
        
        PID:1940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        181⤵
        
        PID:2052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        182⤵
        
        PID:3552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        183⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        184⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        185⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        186⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        187⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        188⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        189⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        190⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        191⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        192⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        193⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        194⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        195⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        196⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        197⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        198⤵
        
        PID:6380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        199⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        200⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        201⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        202⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        203⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        204⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        205⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        206⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        207⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        208⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        209⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        210⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        211⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        212⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        213⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        214⤵
        
        PID:6636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        215⤵
        
        PID:6652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        216⤵
        
        PID:6668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        217⤵
        
        PID:6684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        218⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        219⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        220⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        221⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        222⤵
        
        PID:6756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        223⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        224⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        225⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        226⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        227⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        228⤵
        
        PID:6856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        229⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        230⤵
        
        PID:6888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        231⤵
        
        PID:6904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        232⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        233⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        234⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        235⤵
        
        PID:6964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        236⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        237⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        238⤵
        
        PID:7000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        239⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        240⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        241⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        242⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        243⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        244⤵
        
        PID:7080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        245⤵
        
        PID:7096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        246⤵
        
        PID:7112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        247⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        248⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        249⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        250⤵
        
        PID:3884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        251⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        252⤵
        
        PID:7192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        253⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        254⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        255⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        256⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        257⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        258⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        259⤵
        
        PID:7296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        260⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        261⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        262⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        263⤵
        
        PID:7352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        264⤵
        
        PID:7368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        265⤵
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        266⤵
        
        PID:7404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        267⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        268⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        269⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        270⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        271⤵
        
        PID:7480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        272⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        273⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        274⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        275⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        276⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        277⤵
        
        PID:7572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        278⤵
        
        PID:7588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        279⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        280⤵
        
        PID:7620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        281⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        282⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        283⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        284⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        285⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        286⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        287⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        288⤵
        
        PID:7748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        289⤵
        
        PID:7764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        290⤵
        
        PID:7780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        291⤵
        
        PID:7796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        292⤵
        
        PID:7812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        293⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        294⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        295⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        296⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        297⤵
        
        PID:7884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        298⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        299⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        300⤵
        
        PID:7928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        301⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        302⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        303⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        304⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        305⤵
        
        PID:8004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        306⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        307⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        308⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        309⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        310⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        311⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        312⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        313⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        314⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        315⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        316⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        317⤵
        
        PID:6808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        318⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        319⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        320⤵
        
        PID:8232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        321⤵
        
        PID:8248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        322⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        323⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        324⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        325⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        326⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        327⤵
        
        PID:8332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        328⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        329⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        330⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        331⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        332⤵
        
        PID:8408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        333⤵
        
        PID:8424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        334⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        335⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        336⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        337⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        338⤵
        
        PID:8496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        339⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        340⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        341⤵
        
        PID:8552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        342⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        343⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        344⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        345⤵
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        346⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        347⤵
        
        PID:8652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        348⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        349⤵
        
        PID:8684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        350⤵
        
        PID:8700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        351⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        352⤵
        
        PID:8732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        353⤵
        
        PID:8748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        354⤵
        
        PID:8764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        355⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        356⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        357⤵
        
        PID:8804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        358⤵
        
        PID:8820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        359⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        360⤵
        
        PID:8852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        361⤵
        
        PID:8868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        362⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        363⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        364⤵
        
        PID:8916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        365⤵
        
        PID:8928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        366⤵
        
        PID:8944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        367⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        368⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        369⤵
        
        PID:8988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        370⤵
        
        PID:9004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        371⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        372⤵
        
        PID:9032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        373⤵
        
        PID:9048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        374⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        375⤵
        
        PID:9080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        376⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        377⤵
        
        PID:9112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        378⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        379⤵
        
        PID:9148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        380⤵
        
        PID:9164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        381⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        382⤵
        
        PID:9196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        383⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        384⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        385⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        386⤵
        
        PID:9252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        387⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        388⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        389⤵
        
        PID:9304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        390⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        391⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        392⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        393⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        394⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        395⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        396⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        397⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        398⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        399⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        400⤵
        
        PID:9476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        401⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        402⤵
        
        PID:9504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        403⤵
        
        PID:9520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        404⤵
        
        PID:9536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        405⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        406⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        407⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        408⤵
        
        PID:9596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        409⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        410⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        411⤵
        
        PID:9636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        412⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        413⤵
        
        PID:9672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        414⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        415⤵
        
        PID:9708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        416⤵
        
        PID:9724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        417⤵
        
        PID:9740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        418⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        419⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        420⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        421⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        422⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        423⤵
        
        PID:9820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        424⤵
        
        PID:9836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        425⤵
        
        PID:9852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        426⤵
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        427⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        428⤵
        
        PID:9892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        429⤵
        
        PID:9912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        430⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        431⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        432⤵
        
        PID:9956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        433⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        434⤵
        
        PID:9984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        435⤵
        
        PID:10000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        436⤵
        
        PID:10012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        437⤵
        
        PID:10024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        438⤵
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        439⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        440⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        441⤵
        
        PID:10088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        442⤵
        
        PID:10104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        443⤵
        
        PID:10120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        444⤵
        
        PID:10136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        445⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        446⤵
        
        PID:10168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        447⤵
        
        PID:10184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        448⤵
        
        PID:10200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        449⤵
        
        PID:10212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        450⤵
        
        PID:10228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        451⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        452⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        453⤵
        
        PID:10272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        454⤵
        
        PID:10288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        455⤵
        
        PID:10300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        456⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        457⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        458⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        459⤵
        
        PID:10352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        460⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        461⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        462⤵
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        463⤵
        
        PID:10400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        464⤵
        
        PID:10416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        465⤵
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        466⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        467⤵
        
        PID:10464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        468⤵
        
        PID:10476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        469⤵
        
        PID:10492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        470⤵
        
        PID:10508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        471⤵
        
        PID:10524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        472⤵
        
        PID:10540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        473⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        474⤵
        
        PID:10572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        475⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        476⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        477⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        478⤵
        
        PID:10636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        479⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        480⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        481⤵
        
        PID:10676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        482⤵
        
        PID:10696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        483⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        484⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        485⤵
        
        PID:10736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        486⤵
        
        PID:10752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        487⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        488⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        489⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        490⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        491⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        492⤵
        
        PID:10840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        493⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        494⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        495⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        496⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        497⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        498⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        499⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        500⤵
        
        PID:10964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        501⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        502⤵
        
        PID:11000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        503⤵
        
        PID:11016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        504⤵
        
        PID:11032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        505⤵
        
        PID:11048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        506⤵
        
        PID:11060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        507⤵
        
        PID:11076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        508⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        509⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        510⤵
        
        PID:11124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        511⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        512⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        513⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        514⤵
        
        PID:11188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        515⤵
        
        PID:11204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        516⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        517⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        518⤵
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        519⤵
        
        PID:10804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        520⤵
        
        PID:11276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        521⤵
        
        PID:11292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        522⤵
        
        PID:11308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        523⤵
        
        PID:11324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        524⤵
        
        PID:11340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        525⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        526⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        527⤵
        
        PID:11392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        528⤵
        
        PID:11404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        529⤵
        
        PID:11416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        530⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        531⤵
        
        PID:11444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        532⤵
        
        PID:11460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        533⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        534⤵
        
        PID:11488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        535⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        536⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        537⤵
        
        PID:11532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        538⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        539⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        540⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        541⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        542⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        543⤵
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        544⤵
        
        PID:11644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        545⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        546⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        547⤵
        
        PID:11688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        548⤵
        
        PID:11700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        549⤵
        
        PID:11716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        550⤵
        
        PID:11732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        551⤵
        
        PID:11748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        552⤵
        
        PID:11764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        553⤵
        
        PID:11780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        554⤵
        
        PID:11796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        555⤵
        
        PID:11812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        556⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        557⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        558⤵
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        559⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        560⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        561⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        562⤵
        
        PID:11912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        563⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        564⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        565⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        566⤵
        
        PID:11976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        567⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        568⤵
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        569⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        570⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        571⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        572⤵
        
        PID:12072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        573⤵
        
        PID:12088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        574⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        575⤵
        
        PID:12120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        576⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        577⤵
        
        PID:12148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        578⤵
        
        PID:12160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        579⤵
        
        PID:12176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        580⤵
        
        PID:12192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        581⤵
        
        PID:12208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        582⤵
        
        PID:12224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        583⤵
        
        PID:12240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        584⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        585⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        586⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        587⤵
        
        PID:12296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        588⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        589⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        590⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        591⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        592⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        593⤵
        
        PID:12384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        594⤵
        
        PID:12396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        595⤵
        
        PID:12412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        596⤵
        
        PID:12428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        597⤵
        
        PID:12444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        598⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        599⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        600⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        601⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        602⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        603⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        604⤵
        
        PID:12548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        605⤵
        
        PID:12564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        606⤵
        
        PID:12584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        607⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        608⤵
        
        PID:12612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        609⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        610⤵
        
        PID:12640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        611⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        612⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        613⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        614⤵
        
        PID:12704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        615⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        616⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        617⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        618⤵
        
        PID:12776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        619⤵
        
        PID:12792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        620⤵
        
        PID:12808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        621⤵
        
        PID:12824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        622⤵
        
        PID:12840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        623⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        624⤵
        
        PID:12872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        625⤵
        
        PID:12888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        626⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        627⤵
        
        PID:12912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        628⤵
        
        PID:12924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        629⤵
        
        PID:12936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        630⤵
        
        PID:12952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        631⤵
        
        PID:12964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        632⤵
        
        PID:12980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        633⤵
        
        PID:12996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        634⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        635⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        636⤵
        
        PID:13040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        637⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        638⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        639⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        640⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        641⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        642⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        643⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        644⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        645⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        646⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        647⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        648⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        649⤵
        
        PID:13240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        650⤵
        
        PID:13256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        651⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        652⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        653⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        654⤵
        
        PID:12580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        655⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        656⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        657⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        658⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        659⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        660⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        661⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        662⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        663⤵
        
        PID:13452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        664⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        665⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        666⤵
        
        PID:13500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        667⤵
        
        PID:13516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        668⤵
        
        PID:13528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        669⤵
        
        PID:13544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        670⤵
        
        PID:13560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        671⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        672⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        673⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        674⤵
        
        PID:13624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        675⤵
        
        PID:13640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        676⤵
        
        PID:13652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        677⤵
        
        PID:13664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        678⤵
        
        PID:13680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        679⤵
        
        PID:13696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        680⤵
        
        PID:13712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        681⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        682⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        683⤵
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        684⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        685⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        686⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        687⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        688⤵
        
        PID:13828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        689⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        690⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        691⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        692⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        693⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        694⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        695⤵
        
        PID:13940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        696⤵
        
        PID:13956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        697⤵
        
        PID:13972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        698⤵
        
        PID:13988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        699⤵
        
        PID:14000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        700⤵
        
        PID:14016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        701⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        702⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        703⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        704⤵
        
        PID:14076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        705⤵
        
        PID:14092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        706⤵
        
        PID:14108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        707⤵
        
        PID:14124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        708⤵
        
        PID:14136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        709⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        710⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        711⤵
        
        PID:14180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        712⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        713⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        714⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        715⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        716⤵
        
        PID:14260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        717⤵
        
        PID:14272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        718⤵
        
        PID:14292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        719⤵
        
        PID:14308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        720⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        721⤵
        
        PID:13708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        722⤵
        
        PID:14348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        723⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        724⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        725⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        726⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        727⤵
        
        PID:14420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        728⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        729⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        730⤵
        
        PID:14464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        731⤵
        
        PID:14480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        732⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        733⤵
        
        PID:14512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        734⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        735⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        736⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        737⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        738⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        739⤵
        
        PID:14604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        740⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        741⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        742⤵
        
        PID:14652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        743⤵
        
        PID:14668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        744⤵
        
        PID:14684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        745⤵
        
        PID:14700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        746⤵
        
        PID:14716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        747⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        748⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        749⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        750⤵
        
        PID:14776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        751⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        752⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        753⤵
        
        PID:14820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        754⤵
        
        PID:14836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        755⤵
        
        PID:14852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        756⤵
        
        PID:14868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        757⤵
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        758⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        759⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        760⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        761⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        762⤵
        
        PID:14968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        763⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        764⤵
        
        PID:14992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        765⤵
        
        PID:15008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        766⤵
        
        PID:15024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        767⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        768⤵
        
        PID:15052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        769⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        770⤵
        
        PID:15084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        771⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        772⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        773⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        774⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        775⤵
        
        PID:15152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        776⤵
        
        PID:15168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        777⤵
        
        PID:15184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        778⤵
        
        PID:15200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        779⤵
        
        PID:15216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        780⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        781⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        782⤵
        
        PID:15256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        783⤵
        
        PID:15272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        784⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        785⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        786⤵
        
        PID:15320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        787⤵
        
        PID:15336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        788⤵
        
        PID:15352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        789⤵
        
        PID:15364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        790⤵
        
        PID:15380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        791⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        792⤵
        
        PID:15412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        793⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        794⤵
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        795⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        796⤵
        
        PID:15476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        797⤵
        
        PID:15492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        798⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        799⤵
        
        PID:15528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        800⤵
        
        PID:15544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        801⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        802⤵
        
        PID:15572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        803⤵
        
        PID:15588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        804⤵
        
        PID:15604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        805⤵
        
        PID:15616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        806⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        807⤵
        
        PID:15648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        808⤵
        
        PID:15664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        809⤵
        
        PID:15676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        810⤵
        
        PID:15688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        811⤵
        
        PID:15704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        812⤵
        
        PID:15720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        813⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        814⤵
        
        PID:15752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        815⤵
        
        PID:15768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        816⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        817⤵
        
        PID:15796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        818⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        819⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        820⤵
        
        PID:15844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        821⤵
        
        PID:15860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        822⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        823⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        824⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        825⤵
        
        PID:15920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        826⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        827⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        828⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        829⤵
        
        PID:15984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        830⤵
        
        PID:15996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        831⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        832⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        833⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        834⤵
        
        PID:16056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        835⤵
        
        PID:16072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        836⤵
        
        PID:16088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        837⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        838⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        839⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        840⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        841⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        842⤵
        
        PID:16184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        843⤵
        
        PID:16200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        844⤵
        
        PID:16212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        845⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        846⤵
        
        PID:16244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        847⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        848⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        849⤵
        
        PID:16288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        850⤵
        
        PID:16304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        851⤵
        
        PID:16316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        852⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        853⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        854⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        855⤵
        
        PID:16380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        856⤵
        
        PID:2492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        857⤵
        
        PID:2928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        858⤵
        
        PID:16392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        859⤵
        
        PID:16404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        860⤵
        
        PID:16420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        861⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        862⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        863⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        864⤵
        
        PID:16472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        865⤵
        
        PID:16484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        866⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        867⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        868⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        869⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        870⤵
        
        PID:16556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        871⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        872⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        873⤵
        
        PID:16604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        874⤵
        
        PID:16620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        875⤵
        
        PID:16636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        876⤵
        
        PID:16652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        877⤵
        
        PID:16664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        878⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        879⤵
        
        PID:16700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        880⤵
        
        PID:16712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        881⤵
        
        PID:16728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        882⤵
        
        PID:16740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        883⤵
        
        PID:16756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        884⤵
        
        PID:16772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        885⤵
        
        PID:16788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        886⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        887⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        888⤵
        
        PID:16836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        889⤵
        
        PID:16848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        890⤵
        
        PID:16864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        891⤵
        
        PID:16876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        892⤵
        
        PID:16888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        893⤵
        
        PID:16904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        894⤵
        
        PID:16920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\4dc0e6a45d877a0760103c00738f6651_JaffaCakes118.dll,#1
        895⤵
        
        PID:16936

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:17220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4044-15-0x0000000075070000-0x00000000752F4000-memory.dmp

Filesize
2.5MB

Download
memory/4616-0-0x0000000075070000-0x00000000752F4000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads