47f3d71e8e4e238614e46a2be8c0949739c3358d4eb604c7f627825022e0bc48

Analysis

max time kernel
130s
max time network
131s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 19:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll
Size

39KB
MD5

8770823321ee3f4b0e2b017968652d76
SHA1

e580685a17aae679084fb938146ecb0257721dc2
SHA256

47f3d71e8e4e238614e46a2be8c0949739c3358d4eb604c7f627825022e0bc48
SHA512

aff5042e73fbfd3529a38c7b78a211c3aa23bad75d05d39d634252626bf66da301acf86c1bf4e3bb5af4926f4fd0e3c4c7b3a23e20513b2371fd69bf37b7893e
SSDEEP

768:8SEoHJKCii9G+qjk3MG4BDWVPZa9ssUV4UlZK5/yACJJmKw8ddF:duI4jQkBDKBx4Ul4xySKn

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3660 wrote to memory of 952	3660	rundll32.exe	83
PID 3660 wrote to memory of 952	3660	rundll32.exe	83
PID 3660 wrote to memory of 952	3660	rundll32.exe	83
PID 952 wrote to memory of 1884	952	rundll32.exe	84
PID 952 wrote to memory of 1884	952	rundll32.exe	84
PID 952 wrote to memory of 1884	952	rundll32.exe	84
PID 1884 wrote to memory of 1756	1884	rundll32.exe	85
PID 1884 wrote to memory of 1756	1884	rundll32.exe	85
PID 1884 wrote to memory of 1756	1884	rundll32.exe	85
PID 1756 wrote to memory of 4328	1756	rundll32.exe	86
PID 1756 wrote to memory of 4328	1756	rundll32.exe	86
PID 1756 wrote to memory of 4328	1756	rundll32.exe	86
PID 4328 wrote to memory of 3604	4328	rundll32.exe	87
PID 4328 wrote to memory of 3604	4328	rundll32.exe	87
PID 4328 wrote to memory of 3604	4328	rundll32.exe	87
PID 3604 wrote to memory of 3488	3604	rundll32.exe	88
PID 3604 wrote to memory of 3488	3604	rundll32.exe	88
PID 3604 wrote to memory of 3488	3604	rundll32.exe	88
PID 3488 wrote to memory of 4620	3488	rundll32.exe	89
PID 3488 wrote to memory of 4620	3488	rundll32.exe	89
PID 3488 wrote to memory of 4620	3488	rundll32.exe	89
PID 4620 wrote to memory of 860	4620	rundll32.exe	90
PID 4620 wrote to memory of 860	4620	rundll32.exe	90
PID 4620 wrote to memory of 860	4620	rundll32.exe	90
PID 860 wrote to memory of 4744	860	rundll32.exe	91
PID 860 wrote to memory of 4744	860	rundll32.exe	91
PID 860 wrote to memory of 4744	860	rundll32.exe	91
PID 4744 wrote to memory of 4188	4744	rundll32.exe	92
PID 4744 wrote to memory of 4188	4744	rundll32.exe	92
PID 4744 wrote to memory of 4188	4744	rundll32.exe	92
PID 4188 wrote to memory of 4788	4188	rundll32.exe	93
PID 4188 wrote to memory of 4788	4188	rundll32.exe	93
PID 4188 wrote to memory of 4788	4188	rundll32.exe	93
PID 4788 wrote to memory of 5028	4788	rundll32.exe	94
PID 4788 wrote to memory of 5028	4788	rundll32.exe	94
PID 4788 wrote to memory of 5028	4788	rundll32.exe	94
PID 5028 wrote to memory of 2424	5028	rundll32.exe	95
PID 5028 wrote to memory of 2424	5028	rundll32.exe	95
PID 5028 wrote to memory of 2424	5028	rundll32.exe	95
PID 2424 wrote to memory of 1444	2424	rundll32.exe	97
PID 2424 wrote to memory of 1444	2424	rundll32.exe	97
PID 2424 wrote to memory of 1444	2424	rundll32.exe	97
PID 1444 wrote to memory of 1928	1444	rundll32.exe	98
PID 1444 wrote to memory of 1928	1444	rundll32.exe	98
PID 1444 wrote to memory of 1928	1444	rundll32.exe	98
PID 1928 wrote to memory of 1232	1928	rundll32.exe	99
PID 1928 wrote to memory of 1232	1928	rundll32.exe	99
PID 1928 wrote to memory of 1232	1928	rundll32.exe	99
PID 1232 wrote to memory of 2636	1232	rundll32.exe	100
PID 1232 wrote to memory of 2636	1232	rundll32.exe	100
PID 1232 wrote to memory of 2636	1232	rundll32.exe	100
PID 2636 wrote to memory of 2536	2636	rundll32.exe	101
PID 2636 wrote to memory of 2536	2636	rundll32.exe	101
PID 2636 wrote to memory of 2536	2636	rundll32.exe	101
PID 2536 wrote to memory of 1368	2536	rundll32.exe	102
PID 2536 wrote to memory of 1368	2536	rundll32.exe	102
PID 2536 wrote to memory of 1368	2536	rundll32.exe	102
PID 1368 wrote to memory of 4272	1368	rundll32.exe	104
PID 1368 wrote to memory of 4272	1368	rundll32.exe	104
PID 1368 wrote to memory of 4272	1368	rundll32.exe	104
PID 4272 wrote to memory of 856	4272	rundll32.exe	105
PID 4272 wrote to memory of 856	4272	rundll32.exe	105
PID 4272 wrote to memory of 856	4272	rundll32.exe	105
PID 856 wrote to memory of 3008	856	rundll32.exe	106

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3660
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:952
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1884
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1756
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:4328
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:4744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:4188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:5028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:1444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:1232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:2536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        21⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:4272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        23⤵
        
        PID:3008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        24⤵
        
        PID:1504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        25⤵
        System Location Discovery: System Language Discovery
        
        PID:4420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        26⤵
        
        PID:3196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        27⤵
        
        PID:3248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        28⤵
        
        PID:3644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        29⤵
        
        PID:3880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        30⤵
        
        PID:4864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        31⤵
        
        PID:4080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        32⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        33⤵
        
        PID:2592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        34⤵
        System Location Discovery: System Language Discovery
        
        PID:4200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        35⤵
        
        PID:1564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        36⤵
        
        PID:3588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        37⤵
        
        PID:1788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        38⤵
        
        PID:540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        39⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        40⤵
        
        PID:2708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        41⤵
        System Location Discovery: System Language Discovery
        
        PID:1668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        42⤵
        
        PID:1896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        43⤵
        System Location Discovery: System Language Discovery
        
        PID:3076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        44⤵
        System Location Discovery: System Language Discovery
        
        PID:2976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        45⤵
        
        PID:1784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        46⤵
        
        PID:4900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        47⤵
        
        PID:4776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        48⤵
        
        PID:2240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        49⤵
        
        PID:2680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        50⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        51⤵
        
        PID:4232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        52⤵
        
        PID:1864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        53⤵
        
        PID:4560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        54⤵
        
        PID:4608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        55⤵
        
        PID:4572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        56⤵
        
        PID:3168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        57⤵
        
        PID:3136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        58⤵
        System Location Discovery: System Language Discovery
        
        PID:1192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        59⤵
        
        PID:2132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        60⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        61⤵
        
        PID:2616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        62⤵
        
        PID:376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        63⤵
        
        PID:1796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        64⤵
        
        PID:1624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        65⤵
        
        PID:916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        66⤵
        
        PID:2484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        67⤵
        
        PID:4876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        68⤵
        
        PID:1760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        69⤵
        
        PID:2316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        70⤵
        
        PID:3284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        71⤵
        
        PID:2172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        72⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        73⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        74⤵
        
        PID:468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        75⤵
        System Location Discovery: System Language Discovery
        
        PID:2368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        76⤵
        
        PID:5040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        77⤵
        
        PID:3500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        78⤵
        
        PID:2620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        79⤵
        
        PID:4380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        80⤵
        
        PID:3808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        81⤵
        
        PID:4092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        82⤵
        
        PID:1744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        83⤵
        
        PID:1660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        84⤵
        
        PID:1828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        85⤵
        
        PID:1200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        86⤵
        
        PID:3320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        87⤵
        
        PID:3296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        88⤵
        
        PID:4836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        89⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        90⤵
        
        PID:840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        91⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        92⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        93⤵
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        94⤵
        
        PID:1224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        95⤵
        
        PID:4632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        96⤵
        
        PID:4784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        97⤵
        
        PID:316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        98⤵
        System Location Discovery: System Language Discovery
        
        PID:3276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        99⤵
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        100⤵
        
        PID:2056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        101⤵
        
        PID:792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        102⤵
        
        PID:992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        103⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        104⤵
        
        PID:4052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        105⤵
        
        PID:5128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        106⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        107⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        108⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        109⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        110⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        111⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        112⤵
        System Location Discovery: System Language Discovery
        
        PID:5240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        113⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        114⤵
        System Location Discovery: System Language Discovery
        
        PID:5272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        115⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        116⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        117⤵
        
        PID:5316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        118⤵
        
        PID:5332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        119⤵
        
        PID:5348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        120⤵
        
        PID:5360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        121⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        122⤵
        System Location Discovery: System Language Discovery
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        123⤵
        
        PID:5408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        124⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        125⤵
        
        PID:5436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        126⤵
        
        PID:5452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        127⤵
        
        PID:5468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        128⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        129⤵
        
        PID:5512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        130⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        131⤵
        
        PID:5592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        132⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        133⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        134⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        135⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        136⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        137⤵
        
        PID:5772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        138⤵
        
        PID:5796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        139⤵
        
        PID:5812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        140⤵
        System Location Discovery: System Language Discovery
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        141⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        142⤵
        System Location Discovery: System Language Discovery
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        143⤵
        
        PID:5884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        144⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        145⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        146⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        147⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        148⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        149⤵
        System Location Discovery: System Language Discovery
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        150⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        151⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        152⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        153⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        154⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        155⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        156⤵
        
        PID:6088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        157⤵
        
        PID:6100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        158⤵
        
        PID:6116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        159⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        160⤵
        
        PID:6140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        161⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        162⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        163⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        164⤵
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        165⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        166⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        167⤵
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        168⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        169⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        170⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        171⤵
        
        PID:6320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        172⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        173⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        174⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        175⤵
        
        PID:6388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        176⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        177⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        178⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        179⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        180⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        181⤵
        
        PID:6480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        182⤵
        
        PID:6496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        183⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        184⤵
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        185⤵
        
        PID:6540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        186⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        187⤵
        
        PID:6568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        188⤵
        
        PID:6584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        189⤵
        System Location Discovery: System Language Discovery
        
        PID:6600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        190⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        191⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        192⤵
        
        PID:6648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        193⤵
        
        PID:6660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        194⤵
        System Location Discovery: System Language Discovery
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        195⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        196⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        197⤵
        
        PID:6724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        198⤵
        
        PID:6740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        199⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        200⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        201⤵
        
        PID:6784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        202⤵
        
        PID:6800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        203⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        204⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        205⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        206⤵
        
        PID:6860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        207⤵
        
        PID:6876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        208⤵
        
        PID:6892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        209⤵
        
        PID:6908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        210⤵
        System Location Discovery: System Language Discovery
        
        PID:6920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        211⤵
        
        PID:6936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        212⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        213⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        214⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        215⤵
        
        PID:6988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        216⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        217⤵
        
        PID:7020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        218⤵
        
        PID:7036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        219⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        220⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        221⤵
        System Location Discovery: System Language Discovery
        
        PID:7112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        222⤵
        
        PID:7124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        223⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        224⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        225⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        226⤵
        System Location Discovery: System Language Discovery
        
        PID:3132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        227⤵
        
        PID:3080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        228⤵
        
        PID:2684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        229⤵
        
        PID:7172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        230⤵
        
        PID:7188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        231⤵
        
        PID:7204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        232⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        233⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        234⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        235⤵
        
        PID:7272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        236⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        237⤵
        
        PID:7304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        238⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        239⤵
        
        PID:7336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        240⤵
        
        PID:7348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        241⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        242⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        243⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        244⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        245⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        246⤵
        
        PID:7480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        247⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        248⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        249⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        250⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        251⤵
        
        PID:7620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        252⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        253⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        254⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        255⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        256⤵
        
        PID:7708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        257⤵
        
        PID:7736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        258⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        259⤵
        
        PID:7772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        260⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        261⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        262⤵
        System Location Discovery: System Language Discovery
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        263⤵
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        264⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        265⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        266⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        267⤵
        
        PID:7928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        268⤵
        System Location Discovery: System Language Discovery
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        269⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        270⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        271⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        272⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        273⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        274⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        275⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        276⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        277⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        278⤵
        
        PID:8152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        279⤵
        
        PID:8188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        280⤵
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        281⤵
        System Location Discovery: System Language Discovery
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        282⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        283⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        284⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        285⤵
        System Location Discovery: System Language Discovery
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        286⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        287⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        288⤵
        
        PID:8316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        289⤵
        System Location Discovery: System Language Discovery
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        290⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        291⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        292⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        293⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        294⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        295⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        296⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        297⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        298⤵
        System Location Discovery: System Language Discovery
        
        PID:8476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        299⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        300⤵
        
        PID:8508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        301⤵
        
        PID:8524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        302⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        303⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        304⤵
        
        PID:8572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        305⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        306⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        307⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        308⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        309⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        310⤵
        System Location Discovery: System Language Discovery
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        311⤵
        
        PID:8676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        312⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        313⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        314⤵
        System Location Discovery: System Language Discovery
        
        PID:8736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        315⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        316⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        317⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        318⤵
        
        PID:8796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        319⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        320⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        321⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        322⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        323⤵
        
        PID:8932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        324⤵
        
        PID:8944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        325⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        326⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        327⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        328⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        329⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        330⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        331⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        332⤵
        
        PID:9072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        333⤵
        
        PID:9084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        334⤵
        
        PID:9096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        335⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        336⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        337⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        338⤵
        
        PID:9156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        339⤵
        System Location Discovery: System Language Discovery
        
        PID:9172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        340⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        341⤵
        
        PID:9204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        342⤵
        
        PID:8144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        343⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        344⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        345⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        346⤵
        
        PID:7944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        347⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        348⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        349⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        350⤵
        
        PID:9228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        351⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        352⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        353⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        354⤵
        
        PID:9284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        355⤵
        
        PID:9296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        356⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        357⤵
        
        PID:9328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        358⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        359⤵
        
        PID:9360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        360⤵
        
        PID:9372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        361⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        362⤵
        
        PID:9404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        363⤵
        
        PID:9420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        364⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        365⤵
        
        PID:9452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        366⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        367⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        368⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        369⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        370⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        371⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        372⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        373⤵
        
        PID:9564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        374⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        375⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        376⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        377⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        378⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        379⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        380⤵
        
        PID:9672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        381⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        382⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        383⤵
        System Location Discovery: System Language Discovery
        
        PID:9720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        384⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        385⤵
        
        PID:9752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        386⤵
        
        PID:9768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        387⤵
        
        PID:9780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        388⤵
        
        PID:9796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        389⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        390⤵
        
        PID:9832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        391⤵
        System Location Discovery: System Language Discovery
        
        PID:9848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        392⤵
        System Location Discovery: System Language Discovery
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        393⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        394⤵
        
        PID:9896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        395⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        396⤵
        
        PID:9924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        397⤵
        
        PID:9936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        398⤵
        System Location Discovery: System Language Discovery
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        399⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        400⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        401⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        402⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        403⤵
        System Location Discovery: System Language Discovery
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        404⤵
        
        PID:10048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        405⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        406⤵
        
        PID:10076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        407⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        408⤵
        
        PID:10108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        409⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        410⤵
        
        PID:10136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        411⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        412⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        413⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        414⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        415⤵
        
        PID:10212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        416⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        417⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        418⤵
        
        PID:10252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        419⤵
        
        PID:10268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        420⤵
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        421⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        422⤵
        
        PID:10304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        423⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        424⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        425⤵
        
        PID:10368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        426⤵
        
        PID:10384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        427⤵
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        428⤵
        
        PID:10456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        429⤵
        
        PID:10476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        430⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        431⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        432⤵
        System Location Discovery: System Language Discovery
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        433⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        434⤵
        System Location Discovery: System Language Discovery
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        435⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        436⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        437⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        438⤵
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        439⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        440⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        441⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        442⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        443⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        444⤵
        
        PID:10724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        445⤵
        
        PID:10736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        446⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        447⤵
        
        PID:10772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        448⤵
        
        PID:10788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        449⤵
        
        PID:10804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        450⤵
        
        PID:10820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        451⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        452⤵
        
        PID:10848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        453⤵
        
        PID:10864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        454⤵
        
        PID:10880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        455⤵
        
        PID:10896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        456⤵
        
        PID:10912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        457⤵
        
        PID:10928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        458⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        459⤵
        
        PID:10960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        460⤵
        System Location Discovery: System Language Discovery
        
        PID:10976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        461⤵
        
        PID:10992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        462⤵
        
        PID:11008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        463⤵
        
        PID:11024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        464⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        465⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        466⤵
        
        PID:11068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        467⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        468⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        469⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        470⤵
        
        PID:11132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        471⤵
        
        PID:11144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        472⤵
        
        PID:11164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        473⤵
        
        PID:11180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        474⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        475⤵
        
        PID:11212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        476⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        477⤵
        System Location Discovery: System Language Discovery
        
        PID:11244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        478⤵
        
        PID:11260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        479⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        480⤵
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        481⤵
        System Location Discovery: System Language Discovery
        
        PID:11292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        482⤵
        
        PID:11308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        483⤵
        
        PID:11324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        484⤵
        
        PID:11340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        485⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        486⤵
        
        PID:11372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        487⤵
        System Location Discovery: System Language Discovery
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        488⤵
        
        PID:11404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        489⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        490⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        491⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        492⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        493⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        494⤵
        
        PID:11500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        495⤵
        
        PID:11516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        496⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        497⤵
        
        PID:11540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        498⤵
        
        PID:11552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        499⤵
        
        PID:11564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        500⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        501⤵
        
        PID:11596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        502⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        503⤵
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        504⤵
        
        PID:11644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        505⤵
        
        PID:11656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        506⤵
        
        PID:11672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        507⤵
        
        PID:11688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        508⤵
        System Location Discovery: System Language Discovery
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        509⤵
        
        PID:11720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        510⤵
        
        PID:11736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        511⤵
        
        PID:11748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        512⤵
        
        PID:11768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        513⤵
        
        PID:11784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        514⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        515⤵
        
        PID:11816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        516⤵
        
        PID:11832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        517⤵
        System Location Discovery: System Language Discovery
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        518⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        519⤵
        System Location Discovery: System Language Discovery
        
        PID:11876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        520⤵
        
        PID:11896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        521⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        522⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        523⤵
        
        PID:11936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        524⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        525⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        526⤵
        
        PID:11988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        527⤵
        
        PID:12004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        528⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        529⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        530⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        531⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        532⤵
        
        PID:12072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        533⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        534⤵
        
        PID:12108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        535⤵
        
        PID:12120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        536⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        537⤵
        
        PID:12152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        538⤵
        
        PID:12168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        539⤵
        
        PID:12184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        540⤵
        
        PID:12200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        541⤵
        System Location Discovery: System Language Discovery
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        542⤵
        System Location Discovery: System Language Discovery
        
        PID:12232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        543⤵
        
        PID:12244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        544⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        545⤵
        
        PID:12272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        546⤵
        
        PID:5100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        547⤵
        
        PID:5476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        548⤵
        System Location Discovery: System Language Discovery
        
        PID:1048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        549⤵
        
        PID:1428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        550⤵
        
        PID:3616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        551⤵
        System Location Discovery: System Language Discovery
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        552⤵
        
        PID:12300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        553⤵
        
        PID:12312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        554⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        555⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        556⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        557⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        558⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        559⤵
        
        PID:12404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        560⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        561⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        562⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        563⤵
        
        PID:12468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        564⤵
        System Location Discovery: System Language Discovery
        
        PID:12484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        565⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        566⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        567⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        568⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        569⤵
        System Location Discovery: System Language Discovery
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        570⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        571⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        572⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        573⤵
        
        PID:12616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        574⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        575⤵
        System Location Discovery: System Language Discovery
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        576⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        577⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        578⤵
        System Location Discovery: System Language Discovery
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        579⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        580⤵
        
        PID:12724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        581⤵
        
        PID:12740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        582⤵
        
        PID:12752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        583⤵
        
        PID:12768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        584⤵
        
        PID:12784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        585⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        586⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        587⤵
        
        PID:12824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        588⤵
        
        PID:12840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        589⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        590⤵
        
        PID:12872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        591⤵
        
        PID:12888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        592⤵
        
        PID:12904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        593⤵
        
        PID:12920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        594⤵
        
        PID:12936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        595⤵
        
        PID:12952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        596⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        597⤵
        
        PID:12988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        598⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        599⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        600⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        601⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        602⤵
        
        PID:13064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        603⤵
        
        PID:13080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        604⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        605⤵
        
        PID:13112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        606⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        607⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        608⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        609⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        610⤵
        
        PID:13200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        611⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        612⤵
        
        PID:13228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        613⤵
        
        PID:13244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        614⤵
        
        PID:13260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        615⤵
        
        PID:13276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        616⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        617⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        618⤵
        
        PID:13152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        619⤵
        System Location Discovery: System Language Discovery
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        620⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        621⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        622⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        623⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        624⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        625⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        626⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        627⤵
        
        PID:13452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        628⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        629⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        630⤵
        
        PID:13500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        631⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        632⤵
        
        PID:13532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        633⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        634⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        635⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        636⤵
        
        PID:13596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        637⤵
        
        PID:13612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        638⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        639⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        640⤵
        
        PID:13660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        641⤵
        
        PID:13676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        642⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        643⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        644⤵
        
        PID:13716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        645⤵
        
        PID:13736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        646⤵
        
        PID:13752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        647⤵
        
        PID:13768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        648⤵
        
        PID:13784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        649⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        650⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        651⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        652⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        653⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        654⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        655⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        656⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        657⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        658⤵
        
        PID:13960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        659⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        660⤵
        
        PID:13992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        661⤵
        
        PID:14008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        662⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        663⤵
        
        PID:14040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        664⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        665⤵
        
        PID:14068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        666⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        667⤵
        
        PID:14104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        668⤵
        
        PID:14120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        669⤵
        
        PID:14136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        670⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        671⤵
        
        PID:14160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        672⤵
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        673⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        674⤵
        System Location Discovery: System Language Discovery
        
        PID:14208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        675⤵
        System Location Discovery: System Language Discovery
        
        PID:14224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        676⤵
        
        PID:14236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        677⤵
        
        PID:14256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        678⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        679⤵
        
        PID:14288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        680⤵
        System Location Discovery: System Language Discovery
        
        PID:14304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        681⤵
        
        PID:14320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        682⤵
        
        PID:4340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        683⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        684⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        685⤵
        
        PID:14376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        686⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        687⤵
        System Location Discovery: System Language Discovery
        
        PID:14408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        688⤵
        
        PID:14424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        689⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        690⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        691⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        692⤵
        
        PID:14484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        693⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        694⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        695⤵
        
        PID:14528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        696⤵
        System Location Discovery: System Language Discovery
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        697⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        698⤵
        
        PID:14568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        699⤵
        
        PID:14584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        700⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        701⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        702⤵
        
        PID:14628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        703⤵
        
        PID:14644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        704⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        705⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        706⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        707⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        708⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        709⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        710⤵
        
        PID:14752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        711⤵
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        712⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        713⤵
        
        PID:14800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        714⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        715⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        716⤵
        
        PID:14844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        717⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        718⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        719⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        720⤵
        
        PID:14904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        721⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        722⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        723⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        724⤵
        
        PID:14968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        725⤵
        System Location Discovery: System Language Discovery
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        726⤵
        
        PID:15004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        727⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        728⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        729⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        730⤵
        
        PID:15064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        731⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        732⤵
        
        PID:15092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        733⤵
        
        PID:15108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        734⤵
        
        PID:15124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        735⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        736⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        737⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        738⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        739⤵
        
        PID:15200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        740⤵
        
        PID:15216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        741⤵
        
        PID:15232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        742⤵
        
        PID:15248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        743⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        744⤵
        System Location Discovery: System Language Discovery
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        745⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        746⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        747⤵
        System Location Discovery: System Language Discovery
        
        PID:15324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        748⤵
        
        PID:15340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        749⤵
        
        PID:15356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        750⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        751⤵
        
        PID:15384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        752⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        753⤵
        
        PID:15416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        754⤵
        
        PID:15432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        755⤵
        
        PID:15448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        756⤵
        
        PID:15464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        757⤵
        
        PID:15480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        758⤵
        
        PID:15496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        759⤵
        
        PID:15512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        760⤵
        
        PID:15528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        761⤵
        
        PID:15544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        762⤵
        
        PID:15560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        763⤵
        
        PID:15576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        764⤵
        
        PID:15588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        765⤵
        
        PID:15604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        766⤵
        
        PID:15624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        767⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        768⤵
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        769⤵
        System Location Discovery: System Language Discovery
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        770⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        771⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        772⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        773⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        774⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        775⤵
        
        PID:15764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        776⤵
        
        PID:15780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        777⤵
        
        PID:15796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        778⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        779⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        780⤵
        
        PID:15844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        781⤵
        
        PID:15860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        782⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        783⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        784⤵
        
        PID:15900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        785⤵
        
        PID:15916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        786⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        787⤵
        
        PID:15948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        788⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        789⤵
        System Location Discovery: System Language Discovery
        
        PID:15976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        790⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        791⤵
        
        PID:16004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        792⤵
        
        PID:16020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        793⤵
        
        PID:16036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        794⤵
        
        PID:16048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        795⤵
        
        PID:16060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        796⤵
        
        PID:16076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        797⤵
        
        PID:16092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        798⤵
        
        PID:16108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        799⤵
        
        PID:16124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        800⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        801⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        802⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        803⤵
        
        PID:16184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        804⤵
        
        PID:16200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        805⤵
        
        PID:16220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        806⤵
        
        PID:16236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        807⤵
        
        PID:16252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        808⤵
        
        PID:16268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        809⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        810⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        811⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        812⤵
        
        PID:16328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        813⤵
        
        PID:16340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        814⤵
        
        PID:16356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        815⤵
        
        PID:16372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        816⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        817⤵
        
        PID:7580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        818⤵
        
        PID:15612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        819⤵
        
        PID:16396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        820⤵
        
        PID:16408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        821⤵
        
        PID:16420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        822⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        823⤵
        System Location Discovery: System Language Discovery
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        824⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        825⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        826⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        827⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        828⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        829⤵
        
        PID:16540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        830⤵
        
        PID:16552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        831⤵
        
        PID:16568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        832⤵
        
        PID:16580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        833⤵
        
        PID:16596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        834⤵
        
        PID:16612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        835⤵
        
        PID:16628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        836⤵
        
        PID:16644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        837⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        838⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        839⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        840⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        841⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        842⤵
        
        PID:16732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        843⤵
        
        PID:16744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        844⤵
        
        PID:16756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        845⤵
        
        PID:16780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        846⤵
        
        PID:16796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        847⤵
        
        PID:16808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        848⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        849⤵
        
        PID:16836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        850⤵
        
        PID:16848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        851⤵
        
        PID:16868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        852⤵
        
        PID:16880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        853⤵
        
        PID:16896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        854⤵
        
        PID:16908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        855⤵
        
        PID:16924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        856⤵
        
        PID:16940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        857⤵
        
        PID:16956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        858⤵
        
        PID:16972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        859⤵
        
        PID:16988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        860⤵
        
        PID:17004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        861⤵
        
        PID:17016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        862⤵
        
        PID:17032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        863⤵
        
        PID:17048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        864⤵
        
        PID:17064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        865⤵
        
        PID:17080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        866⤵
        
        PID:17096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        867⤵
        
        PID:17108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        868⤵
        
        PID:17128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        869⤵
        
        PID:17144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        870⤵
        System Location Discovery: System Language Discovery
        
        PID:17160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        871⤵
        
        PID:17176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        872⤵
        
        PID:17192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        873⤵
        
        PID:17208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        874⤵
        
        PID:17220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        875⤵
        
        PID:17232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        876⤵
        
        PID:17248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\8770823321ee3f4b0e2b017968652d76_JaffaCakes118.dll,#1
        877⤵
        
        PID:17264

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/856-20-0x0000000075470000-0x00000000756F4000-memory.dmp

Filesize
2.5MB

Download
memory/952-0-0x0000000075470000-0x00000000756F4000-memory.dmp

Filesize
2.5MB

Download
memory/4328-3-0x0000000075470000-0x00000000756F4000-memory.dmp

Filesize
2.5MB

Download