99bfbf0e080d51b1b08650d6089eda7855a4558622977c359068c178af797f5b

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
25-07-2024 03:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll
Size

168KB
MD5

a5d03b7ddefe9f1f64776dad5ac36b08
SHA1

8b5169c391fc459db7f5e6a1ba893b41d5265e13
SHA256

99bfbf0e080d51b1b08650d6089eda7855a4558622977c359068c178af797f5b
SHA512

9ea4c28aab65e5492e1fe6f7334fe1f3b5580f7164413b4b8a97a0a45ce9625465bac42fb88ffbbe4323daa22cd1ded15c70149b8280c57c04f5638944f9e81d
SSDEEP

3072:ZufYIZHs2n5MgmhelZydTNdPNlO3WQPyfPYXtTBfIv9wd56f/L:r+dn5M1eGdTDNlO3W5IXtTBQ1wdwH

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3776 wrote to memory of 3608	3776	rundll32.exe	84
PID 3776 wrote to memory of 3608	3776	rundll32.exe	84
PID 3776 wrote to memory of 3608	3776	rundll32.exe	84
PID 3608 wrote to memory of 2008	3608	rundll32.exe	85
PID 3608 wrote to memory of 2008	3608	rundll32.exe	85
PID 3608 wrote to memory of 2008	3608	rundll32.exe	85
PID 2008 wrote to memory of 3628	2008	rundll32.exe	86
PID 2008 wrote to memory of 3628	2008	rundll32.exe	86
PID 2008 wrote to memory of 3628	2008	rundll32.exe	86
PID 3628 wrote to memory of 4688	3628	rundll32.exe	87
PID 3628 wrote to memory of 4688	3628	rundll32.exe	87
PID 3628 wrote to memory of 4688	3628	rundll32.exe	87
PID 4688 wrote to memory of 960	4688	rundll32.exe	88
PID 4688 wrote to memory of 960	4688	rundll32.exe	88
PID 4688 wrote to memory of 960	4688	rundll32.exe	88
PID 960 wrote to memory of 2744	960	rundll32.exe	89
PID 960 wrote to memory of 2744	960	rundll32.exe	89
PID 960 wrote to memory of 2744	960	rundll32.exe	89
PID 2744 wrote to memory of 3220	2744	rundll32.exe	90
PID 2744 wrote to memory of 3220	2744	rundll32.exe	90
PID 2744 wrote to memory of 3220	2744	rundll32.exe	90
PID 3220 wrote to memory of 2400	3220	rundll32.exe	91
PID 3220 wrote to memory of 2400	3220	rundll32.exe	91
PID 3220 wrote to memory of 2400	3220	rundll32.exe	91
PID 2400 wrote to memory of 4312	2400	rundll32.exe	92
PID 2400 wrote to memory of 4312	2400	rundll32.exe	92
PID 2400 wrote to memory of 4312	2400	rundll32.exe	92
PID 4312 wrote to memory of 3032	4312	rundll32.exe	93
PID 4312 wrote to memory of 3032	4312	rundll32.exe	93
PID 4312 wrote to memory of 3032	4312	rundll32.exe	93
PID 3032 wrote to memory of 2820	3032	rundll32.exe	94
PID 3032 wrote to memory of 2820	3032	rundll32.exe	94
PID 3032 wrote to memory of 2820	3032	rundll32.exe	94
PID 2820 wrote to memory of 2728	2820	rundll32.exe	95
PID 2820 wrote to memory of 2728	2820	rundll32.exe	95
PID 2820 wrote to memory of 2728	2820	rundll32.exe	95
PID 2728 wrote to memory of 3660	2728	rundll32.exe	96
PID 2728 wrote to memory of 3660	2728	rundll32.exe	96
PID 2728 wrote to memory of 3660	2728	rundll32.exe	96
PID 3660 wrote to memory of 2752	3660	rundll32.exe	97
PID 3660 wrote to memory of 2752	3660	rundll32.exe	97
PID 3660 wrote to memory of 2752	3660	rundll32.exe	97
PID 2752 wrote to memory of 4160	2752	rundll32.exe	98
PID 2752 wrote to memory of 4160	2752	rundll32.exe	98
PID 2752 wrote to memory of 4160	2752	rundll32.exe	98
PID 4160 wrote to memory of 4328	4160	rundll32.exe	99
PID 4160 wrote to memory of 4328	4160	rundll32.exe	99
PID 4160 wrote to memory of 4328	4160	rundll32.exe	99
PID 4328 wrote to memory of 5052	4328	rundll32.exe	100
PID 4328 wrote to memory of 5052	4328	rundll32.exe	100
PID 4328 wrote to memory of 5052	4328	rundll32.exe	100
PID 5052 wrote to memory of 3124	5052	rundll32.exe	101
PID 5052 wrote to memory of 3124	5052	rundll32.exe	101
PID 5052 wrote to memory of 3124	5052	rundll32.exe	101
PID 3124 wrote to memory of 3684	3124	rundll32.exe	102
PID 3124 wrote to memory of 3684	3124	rundll32.exe	102
PID 3124 wrote to memory of 3684	3124	rundll32.exe	102
PID 3684 wrote to memory of 324	3684	rundll32.exe	103
PID 3684 wrote to memory of 324	3684	rundll32.exe	103
PID 3684 wrote to memory of 324	3684	rundll32.exe	103
PID 324 wrote to memory of 2952	324	rundll32.exe	104
PID 324 wrote to memory of 2952	324	rundll32.exe	104
PID 324 wrote to memory of 2952	324	rundll32.exe	104
PID 2952 wrote to memory of 2032	2952	rundll32.exe	105

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3776
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3608
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2008
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3628
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        5⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:4688
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        7⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:3220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:2400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:4312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:2820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:3660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:2752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:4160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:4328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:5052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:3684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        22⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        23⤵
        
        PID:2032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        24⤵
        
        PID:4272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        25⤵
        
        PID:4288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        26⤵
        
        PID:2436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        27⤵
        
        PID:464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        28⤵
        
        PID:2432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        29⤵
        
        PID:3368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        30⤵
        
        PID:540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        31⤵
        System Location Discovery: System Language Discovery
        
        PID:2028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        32⤵
        
        PID:1888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        33⤵
        
        PID:4228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        34⤵
        
        PID:316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        35⤵
        
        PID:2972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        36⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        37⤵
        
        PID:1428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        38⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        39⤵
        
        PID:3004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        40⤵
        
        PID:4524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        41⤵
        
        PID:3536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        42⤵
        
        PID:2280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        43⤵
        
        PID:4680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        44⤵
        
        PID:4912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        45⤵
        
        PID:5036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        46⤵
        
        PID:3280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        47⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        48⤵
        
        PID:752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        49⤵
        
        PID:4120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        50⤵
        
        PID:2708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        51⤵
        
        PID:2396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        52⤵
        
        PID:3928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        53⤵
        System Location Discovery: System Language Discovery
        
        PID:840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        54⤵
        
        PID:1116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        55⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        56⤵
        
        PID:4040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        57⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        58⤵
        
        PID:4008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        59⤵
        
        PID:5008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        60⤵
        
        PID:3672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        61⤵
        
        PID:3680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        62⤵
        
        PID:4452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        63⤵
        
        PID:3408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        64⤵
        
        PID:4876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        65⤵
        
        PID:3000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:1356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        67⤵
        
        PID:1764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        68⤵
        
        PID:692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        69⤵
        
        PID:4508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        70⤵
        
        PID:4268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        71⤵
        
        PID:4348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        72⤵
        
        PID:4924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        73⤵
        System Location Discovery: System Language Discovery
        
        PID:3384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        74⤵
        System Location Discovery: System Language Discovery
        
        PID:4480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        75⤵
        
        PID:640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        76⤵
        
        PID:2520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        77⤵
        
        PID:3200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        78⤵
        
        PID:4164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        79⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        80⤵
        
        PID:968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        81⤵
        
        PID:1608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        82⤵
        
        PID:2932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        83⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        84⤵
        
        PID:3940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        85⤵
        
        PID:2792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        86⤵
        
        PID:1416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        87⤵
        
        PID:4404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        88⤵
        
        PID:5064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        89⤵
        
        PID:3532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        90⤵
        
        PID:2416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        91⤵
        
        PID:2748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        92⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        93⤵
        
        PID:4564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        94⤵
        
        PID:3236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        95⤵
        
        PID:2784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        96⤵
        System Location Discovery: System Language Discovery
        
        PID:4548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        97⤵
        
        PID:5136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        98⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        99⤵
        
        PID:5172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        100⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        101⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        102⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        103⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        104⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        105⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        106⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        107⤵
        
        PID:5316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        108⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        109⤵
        System Location Discovery: System Language Discovery
        
        PID:5356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        110⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        111⤵
        System Location Discovery: System Language Discovery
        
        PID:5396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        112⤵
        
        PID:5412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        113⤵
        
        PID:5424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        114⤵
        
        PID:5448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        115⤵
        
        PID:5464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        116⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        117⤵
        
        PID:5500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        118⤵
        
        PID:5516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        119⤵
        
        PID:5532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        120⤵
        
        PID:5548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        121⤵
        
        PID:5564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        122⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        123⤵
        
        PID:5592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        124⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        125⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        126⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        127⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        128⤵
        
        PID:5680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        129⤵
        System Location Discovery: System Language Discovery
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        130⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        131⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        132⤵
        
        PID:5780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        133⤵
        
        PID:5804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        134⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        135⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        136⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        137⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        138⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        139⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        140⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        141⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        142⤵
        System Location Discovery: System Language Discovery
        
        PID:5980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        143⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        144⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        145⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        146⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        147⤵
        
        PID:6060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        148⤵
        
        PID:6072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        149⤵
        
        PID:6088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        150⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        151⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        152⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        153⤵
        
        PID:5404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        154⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        155⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        156⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        157⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        158⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        159⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        160⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        161⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        162⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        163⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        164⤵
        
        PID:6324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        165⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        166⤵
        
        PID:6380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        167⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        168⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        169⤵
        
        PID:6464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        170⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        171⤵
        
        PID:6500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        172⤵
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        173⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        174⤵
        
        PID:6624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        175⤵
        
        PID:6640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        176⤵
        
        PID:6656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        177⤵
        
        PID:6672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        178⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        179⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        180⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        181⤵
        
        PID:6760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        182⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        183⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        184⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        185⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        186⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        187⤵
        
        PID:6852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        188⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        189⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        190⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        191⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        192⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        193⤵
        System Location Discovery: System Language Discovery
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        194⤵
        
        PID:6964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        195⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        196⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        197⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        198⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        199⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        200⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        201⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        202⤵
        
        PID:7084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        203⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        204⤵
        
        PID:7112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        205⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        206⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        207⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        208⤵
        
        PID:7172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        209⤵
        
        PID:7188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        210⤵
        
        PID:7204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        211⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        212⤵
        
        PID:7232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        213⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        214⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        215⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        216⤵
        
        PID:7296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        217⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        218⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        219⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        220⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        221⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        222⤵
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        223⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        224⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        225⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        226⤵
        
        PID:7460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        227⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        228⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        229⤵
        
        PID:7504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        230⤵
        
        PID:7516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        231⤵
        
        PID:7536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        232⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        233⤵
        
        PID:7568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        234⤵
        
        PID:7580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        235⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        236⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        237⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        238⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        239⤵
        
        PID:7656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        240⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        241⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        242⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        243⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        244⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        245⤵
        
        PID:7740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        246⤵
        
        PID:7764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        247⤵
        
        PID:7780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        248⤵
        
        PID:7796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        249⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        250⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        251⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        252⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        253⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        254⤵
        System Location Discovery: System Language Discovery
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        255⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        256⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        257⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        258⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        259⤵
        
        PID:8004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        260⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        261⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        262⤵
        
        PID:8048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        263⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        264⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        265⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        266⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        267⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        268⤵
        
        PID:8144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        269⤵
        
        PID:8160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        270⤵
        System Location Discovery: System Language Discovery
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        271⤵
        
        PID:6952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        272⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        273⤵
        System Location Discovery: System Language Discovery
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        274⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        275⤵
        System Location Discovery: System Language Discovery
        
        PID:8248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        276⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        277⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        278⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        279⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        280⤵
        
        PID:8328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        281⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        282⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        283⤵
        
        PID:8376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        284⤵
        
        PID:8392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        285⤵
        
        PID:8408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        286⤵
        
        PID:8420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        287⤵
        
        PID:8436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        288⤵
        
        PID:8452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        289⤵
        
        PID:8464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        290⤵
        
        PID:8480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        291⤵
        
        PID:8496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        292⤵
        
        PID:8512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        293⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        294⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        295⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        296⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        297⤵
        
        PID:8588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        298⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        299⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        300⤵
        System Location Discovery: System Language Discovery
        
        PID:8644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        301⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        302⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        303⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        304⤵
        
        PID:8764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        305⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        306⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        307⤵
        
        PID:8864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        308⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        309⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        310⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        311⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        312⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        313⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        314⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        315⤵
        System Location Discovery: System Language Discovery
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        316⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        317⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        318⤵
        
        PID:9052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        319⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        320⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        321⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        322⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        323⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        324⤵
        
        PID:9156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        325⤵
        
        PID:9172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        326⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        327⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        328⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        329⤵
        
        PID:1192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        330⤵
        
        PID:4292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        331⤵
        
        PID:3224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        332⤵
        
        PID:2884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        333⤵
        
        PID:5200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        334⤵
        
        PID:4420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        335⤵
        
        PID:2988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        336⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        337⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        338⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        339⤵
        
        PID:9252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        340⤵
        System Location Discovery: System Language Discovery
        
        PID:9268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        341⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        342⤵
        System Location Discovery: System Language Discovery
        
        PID:9300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        343⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        344⤵
        System Location Discovery: System Language Discovery
        
        PID:9328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        345⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        346⤵
        System Location Discovery: System Language Discovery
        
        PID:9356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        347⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        348⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        349⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        350⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        351⤵
        
        PID:9428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        352⤵
        
        PID:9440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        353⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        354⤵
        
        PID:9472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        355⤵
        System Location Discovery: System Language Discovery
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        356⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        357⤵
        
        PID:9528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        358⤵
        
        PID:9544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        359⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        360⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        361⤵
        
        PID:9592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        362⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        363⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        364⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        365⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        366⤵
        
        PID:9672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        367⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        368⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        369⤵
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        370⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        371⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        372⤵
        
        PID:9768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        373⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        374⤵
        
        PID:9800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        375⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        376⤵
        
        PID:9828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        377⤵
        
        PID:9848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        378⤵
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        379⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        380⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        381⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        382⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        383⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        384⤵
        
        PID:9956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        385⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        386⤵
        System Location Discovery: System Language Discovery
        
        PID:9984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        387⤵
        
        PID:10000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        388⤵
        
        PID:10024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        389⤵
        System Location Discovery: System Language Discovery
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        390⤵
        
        PID:10060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        391⤵
        
        PID:10076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        392⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        393⤵
        
        PID:10108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        394⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        395⤵
        
        PID:10148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        396⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        397⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        398⤵
        
        PID:10200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        399⤵
        
        PID:10216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        400⤵
        
        PID:10228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        401⤵
        
        PID:6352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        402⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        403⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        404⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        405⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        406⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        407⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        408⤵
        
        PID:10272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        409⤵
        
        PID:10296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        410⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        411⤵
        
        PID:10320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        412⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        413⤵
        
        PID:10348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        414⤵
        System Location Discovery: System Language Discovery
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        415⤵
        System Location Discovery: System Language Discovery
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        416⤵
        System Location Discovery: System Language Discovery
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        417⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        418⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        419⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        420⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        421⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        422⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        423⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        424⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        425⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        426⤵
        
        PID:10540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        427⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        428⤵
        
        PID:10568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        429⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        430⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        431⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        432⤵
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        433⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        434⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        435⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        436⤵
        
        PID:10696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        437⤵
        
        PID:10712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        438⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        439⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        440⤵
        
        PID:10760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        441⤵
        
        PID:10776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        442⤵
        
        PID:10792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        443⤵
        
        PID:10804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        444⤵
        
        PID:10824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        445⤵
        
        PID:10840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        446⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        447⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        448⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        449⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        450⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        451⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        452⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        453⤵
        
        PID:10956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        454⤵
        
        PID:10972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        455⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        456⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        457⤵
        
        PID:11012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        458⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        459⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        460⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        461⤵
        
        PID:11076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        462⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        463⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        464⤵
        
        PID:11124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        465⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        466⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        467⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        468⤵
        
        PID:11188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        469⤵
        
        PID:11204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        470⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        471⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        472⤵
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        473⤵
        System Location Discovery: System Language Discovery
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        474⤵
        
        PID:6528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        475⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        476⤵
        System Location Discovery: System Language Discovery
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        477⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        478⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        479⤵
        System Location Discovery: System Language Discovery
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        480⤵
        
        PID:11336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        481⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        482⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        483⤵
        
        PID:11380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        484⤵
        
        PID:11392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        485⤵
        
        PID:11404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        486⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        487⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        488⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        489⤵
        System Location Discovery: System Language Discovery
        
        PID:11468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        490⤵
        
        PID:11480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        491⤵
        System Location Discovery: System Language Discovery
        
        PID:11492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        492⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        493⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        494⤵
        System Location Discovery: System Language Discovery
        
        PID:11544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        495⤵
        
        PID:11556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        496⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        497⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        498⤵
        
        PID:11604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        499⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        500⤵
        System Location Discovery: System Language Discovery
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        501⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        502⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        503⤵
        
        PID:11676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        504⤵
        
        PID:11688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        505⤵
        
        PID:11700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        506⤵
        System Location Discovery: System Language Discovery
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        507⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        508⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        509⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        510⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        511⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        512⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        513⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        514⤵
        
        PID:11832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        515⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        516⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        517⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        518⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        519⤵
        
        PID:11912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        520⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        521⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        522⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        523⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        524⤵
        
        PID:11992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        525⤵
        
        PID:12008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        526⤵
        System Location Discovery: System Language Discovery
        
        PID:12024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        527⤵
        
        PID:12040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        528⤵
        
        PID:12056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        529⤵
        
        PID:12072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        530⤵
        
        PID:12088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        531⤵
        
        PID:12104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        532⤵
        
        PID:12120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        533⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        534⤵
        
        PID:12152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        535⤵
        
        PID:12168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        536⤵
        
        PID:12184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        537⤵
        
        PID:12200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        538⤵
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        539⤵
        
        PID:12232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        540⤵
        
        PID:12248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        541⤵
        
        PID:12260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        542⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        543⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        544⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        545⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        546⤵
        
        PID:12336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        547⤵
        
        PID:12352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        548⤵
        
        PID:12368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        549⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        550⤵
        
        PID:12396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        551⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        552⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        553⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        554⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        555⤵
        
        PID:12468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        556⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        557⤵
        
        PID:12504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        558⤵
        
        PID:12520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        559⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        560⤵
        
        PID:12552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        561⤵
        System Location Discovery: System Language Discovery
        
        PID:12568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        562⤵
        
        PID:12584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        563⤵
        
        PID:12600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        564⤵
        
        PID:12612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        565⤵
        
        PID:12628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        566⤵
        
        PID:12644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        567⤵
        
        PID:12660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        568⤵
        
        PID:12676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        569⤵
        
        PID:12692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        570⤵
        
        PID:12704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        571⤵
        
        PID:12720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        572⤵
        System Location Discovery: System Language Discovery
        
        PID:12736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        573⤵
        
        PID:12748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        574⤵
        
        PID:12764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        575⤵
        
        PID:12780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        576⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        577⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        578⤵
        System Location Discovery: System Language Discovery
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        579⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        580⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        581⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        582⤵
        
        PID:12892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        583⤵
        
        PID:12908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        584⤵
        
        PID:12924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        585⤵
        
        PID:12936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        586⤵
        
        PID:12948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        587⤵
        
        PID:12964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        588⤵
        
        PID:12980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        589⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        590⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        591⤵
        
        PID:13028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        592⤵
        
        PID:13044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        593⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        594⤵
        
        PID:13076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        595⤵
        
        PID:13092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        596⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        597⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        598⤵
        
        PID:13140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        599⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        600⤵
        
        PID:13172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        601⤵
        
        PID:13188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        602⤵
        
        PID:13200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        603⤵
        
        PID:13216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        604⤵
        
        PID:13232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        605⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        606⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        607⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        608⤵
        
        PID:13296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        609⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        610⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        611⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        612⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        613⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        614⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        615⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        616⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        617⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        618⤵
        
        PID:13452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        619⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        620⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        621⤵
        System Location Discovery: System Language Discovery
        
        PID:13504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        622⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        623⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        624⤵
        
        PID:13552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        625⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        626⤵
        
        PID:13584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        627⤵
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        628⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        629⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        630⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        631⤵
        System Location Discovery: System Language Discovery
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        632⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        633⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        634⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        635⤵
        
        PID:13712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        636⤵
        System Location Discovery: System Language Discovery
        
        PID:13728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        637⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        638⤵
        System Location Discovery: System Language Discovery
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        639⤵
        
        PID:13776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        640⤵
        
        PID:13792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        641⤵
        
        PID:13808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        642⤵
        
        PID:13824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        643⤵
        
        PID:13840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        644⤵
        
        PID:13856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        645⤵
        
        PID:13872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        646⤵
        System Location Discovery: System Language Discovery
        
        PID:13884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        647⤵
        
        PID:13900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        648⤵
        
        PID:13916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        649⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        650⤵
        
        PID:13952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        651⤵
        
        PID:13968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        652⤵
        
        PID:13980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        653⤵
        
        PID:13992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        654⤵
        
        PID:14012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        655⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        656⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        657⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        658⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        659⤵
        
        PID:14084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        660⤵
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        661⤵
        System Location Discovery: System Language Discovery
        
        PID:14112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        662⤵
        System Location Discovery: System Language Discovery
        
        PID:14128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        663⤵
        
        PID:14140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        664⤵
        
        PID:14152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        665⤵
        
        PID:14168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        666⤵
        
        PID:14184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        667⤵
        
        PID:14200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        668⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        669⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        670⤵
        
        PID:14240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        671⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        672⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        673⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        674⤵
        
        PID:14300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        675⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        676⤵
        
        PID:14328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        677⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        678⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        679⤵
        
        PID:14356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        680⤵
        
        PID:14368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        681⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        682⤵
        
        PID:14396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        683⤵
        
        PID:14412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        684⤵
        
        PID:14424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        685⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        686⤵
        
        PID:14456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        687⤵
        
        PID:14472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        688⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        689⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        690⤵
        
        PID:14512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        691⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        692⤵
        
        PID:14536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        693⤵
        System Location Discovery: System Language Discovery
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        694⤵
        
        PID:14568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        695⤵
        
        PID:14584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        696⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        697⤵
        
        PID:14616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        698⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        699⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        700⤵
        
        PID:14664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        701⤵
        
        PID:14680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        702⤵
        
        PID:14696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        703⤵
        
        PID:14712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        704⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        705⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        706⤵
        
        PID:14752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        707⤵
        System Location Discovery: System Language Discovery
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        708⤵
        
        PID:14784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        709⤵
        System Location Discovery: System Language Discovery
        
        PID:14800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        710⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        711⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        712⤵
        
        PID:14836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        713⤵
        
        PID:14852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        714⤵
        
        PID:14864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        715⤵
        
        PID:14880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        716⤵
        
        PID:14896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        717⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        718⤵
        System Location Discovery: System Language Discovery
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        719⤵
        System Location Discovery: System Language Discovery
        
        PID:14944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        720⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        721⤵
        
        PID:14976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        722⤵
        
        PID:14992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        723⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        724⤵
        
        PID:15028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        725⤵
        
        PID:15040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        726⤵
        
        PID:15056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        727⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        728⤵
        
        PID:15084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        729⤵
        
        PID:15108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        730⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        731⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        732⤵
        
        PID:15180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        733⤵
        
        PID:15208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        734⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        735⤵
        
        PID:15240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        736⤵
        
        PID:15256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        737⤵
        
        PID:15268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        738⤵
        
        PID:15284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        739⤵
        
        PID:15300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        740⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        741⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        742⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        743⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        744⤵
        
        PID:4252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        745⤵
        
        PID:1196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        746⤵
        
        PID:3464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        747⤵
        
        PID:4196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        748⤵
        
        PID:2116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        749⤵
        
        PID:4144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        750⤵
        
        PID:2224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        751⤵
        
        PID:1660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        752⤵
        
        PID:4864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        753⤵
        
        PID:5068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        754⤵
        
        PID:2312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        755⤵
        
        PID:312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        756⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        757⤵
        System Location Discovery: System Language Discovery
        
        PID:684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        758⤵
        
        PID:5024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        759⤵
        
        PID:1496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        760⤵
        
        PID:5084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        761⤵
        
        PID:1676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        762⤵
        
        PID:4920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        763⤵
        
        PID:1884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        764⤵
        
        PID:2656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        765⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        766⤵
        
        PID:15384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        767⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        768⤵
        
        PID:15412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        769⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        770⤵
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        771⤵
        
        PID:15460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        772⤵
        
        PID:15476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        773⤵
        
        PID:15492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        774⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        775⤵
        
        PID:15524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        776⤵
        
        PID:15540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        777⤵
        
        PID:15552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        778⤵
        System Location Discovery: System Language Discovery
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        779⤵
        
        PID:15584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        780⤵
        
        PID:15600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        781⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        782⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        783⤵
        System Location Discovery: System Language Discovery
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        784⤵
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        785⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        786⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        787⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        788⤵
        
        PID:15728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        789⤵
        System Location Discovery: System Language Discovery
        
        PID:15740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        790⤵
        
        PID:15756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        791⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        792⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        793⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        794⤵
        
        PID:15824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        795⤵
        
        PID:15836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        796⤵
        
        PID:15852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        797⤵
        
        PID:15864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        798⤵
        System Location Discovery: System Language Discovery
        
        PID:15880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        799⤵
        
        PID:15896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        800⤵
        
        PID:15912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        801⤵
        
        PID:15928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        802⤵
        
        PID:15944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        803⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        804⤵
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        805⤵
        
        PID:15996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        806⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        807⤵
        System Location Discovery: System Language Discovery
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        808⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        809⤵
        
        PID:16060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        810⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        811⤵
        System Location Discovery: System Language Discovery
        
        PID:16096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        812⤵
        System Location Discovery: System Language Discovery
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        813⤵
        
        PID:16124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        814⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        815⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        816⤵
        
        PID:16172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        817⤵
        
        PID:16188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        818⤵
        System Location Discovery: System Language Discovery
        
        PID:16204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        819⤵
        
        PID:16220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        820⤵
        
        PID:16236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        821⤵
        
        PID:16252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        822⤵
        System Location Discovery: System Language Discovery
        
        PID:16268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        823⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        824⤵
        
        PID:16300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        825⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        826⤵
        
        PID:16328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        827⤵
        
        PID:16344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        828⤵
        
        PID:16380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        829⤵
        
        PID:4484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        830⤵
        
        PID:1436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        831⤵
        
        PID:628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        832⤵
        
        PID:804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        833⤵
        
        PID:812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        834⤵
        
        PID:2812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        835⤵
        
        PID:2336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        836⤵
        
        PID:1388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        837⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        838⤵
        
        PID:4808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        839⤵
        
        PID:2444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        840⤵
        
        PID:2408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        841⤵
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        842⤵
        
        PID:3892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        843⤵
        
        PID:3544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        844⤵
        
        PID:1556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        845⤵
        
        PID:3512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        846⤵
        
        PID:116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        847⤵
        
        PID:4080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        848⤵
        
        PID:4960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        849⤵
        
        PID:368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        850⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        851⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        852⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        853⤵
        
        PID:5168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        854⤵
        
        PID:5216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        855⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        856⤵
        
        PID:5284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        857⤵
        
        PID:5328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        858⤵
        
        PID:5332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        859⤵
        
        PID:5364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        860⤵
        
        PID:5408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        861⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        862⤵
        
        PID:5472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        863⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        864⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        865⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        866⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        867⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        868⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        869⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        870⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        871⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        872⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        873⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        874⤵
        
        PID:16076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        875⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        876⤵
        
        PID:5968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        877⤵
        
        PID:15124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        878⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        879⤵
        
        PID:15176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        880⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        881⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        882⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        883⤵
        
        PID:6100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        884⤵
        
        PID:6120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        885⤵
        
        PID:16368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        886⤵
        
        PID:4100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        887⤵
        
        PID:2492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        888⤵
        
        PID:1504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2508-67-0x00000000001C0000-0x00000000001EA000-memory.dll,#1
        889⤵
        
        PID:5936

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads