65c3685662e5b9954eb6d23d2a3f5742aa986c353747ca487dbef4f7d0cdaee4

Analysis

max time kernel
150s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
14/08/2024, 13:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Size

395KB
MD5

964810c1a44ce740642f5c48e27f197c
SHA1

a35d48c2d6284a39822033fe21ef24a056603015
SHA256

65c3685662e5b9954eb6d23d2a3f5742aa986c353747ca487dbef4f7d0cdaee4
SHA512

582deb2721560742381617e81bca541caf71513817de03d71ad79caf19b987fca58b015ba5f3671f09771d21d2c5496e589dfa1b8a604de47ea6217fed00db59
SSDEEP

12288:9Mr1Kd/7fFM+igtSB984b12RoT5miIruzopvg2:9MrAdi+irXb1zIrxg2

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 64 IoCs

description	pid	Process	procid_target
PID 1732 set thread context of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 2332 set thread context of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2788 set thread context of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2772 set thread context of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2664 set thread context of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 3064 set thread context of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 2120 set thread context of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 1084 set thread context of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 2544 set thread context of 2956	2544	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	38
PID 2956 set thread context of 940	2956	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	39
PID 940 set thread context of 1984	940	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	40
PID 1984 set thread context of 2424	1984	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	41
PID 2424 set thread context of 1196	2424	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	42
PID 1196 set thread context of 960	1196	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	43
PID 960 set thread context of 1900	960	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	44
PID 1900 set thread context of 3008	1900	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	45
PID 3008 set thread context of 1772	3008	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	46
PID 1772 set thread context of 1636	1772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	47
PID 1636 set thread context of 1920	1636	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	48
PID 1920 set thread context of 864	1920	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	49
PID 864 set thread context of 1596	864	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	50
PID 1596 set thread context of 2840	1596	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	51
PID 2840 set thread context of 2768	2840	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	52
PID 2768 set thread context of 2868	2768	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	53
PID 2868 set thread context of 2636	2868	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	54
PID 2636 set thread context of 2644	2636	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	55
PID 2644 set thread context of 1528	2644	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	56
PID 1528 set thread context of 2404	1528	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	57
PID 2404 set thread context of 2484	2404	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	58
PID 2484 set thread context of 660	2484	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	59
PID 660 set thread context of 928	660	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	60
PID 928 set thread context of 2036	928	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	61
PID 2036 set thread context of 2232	2036	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	62
PID 2232 set thread context of 2136	2232	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	63
PID 2136 set thread context of 2216	2136	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	64
PID 2216 set thread context of 900	2216	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	65
PID 900 set thread context of 1072	900	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	66
PID 1072 set thread context of 520	1072	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	67
PID 520 set thread context of 1064	520	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	68
PID 1064 set thread context of 2456	1064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	69
PID 2456 set thread context of 692	2456	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	70
PID 692 set thread context of 2080	692	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	71
PID 2080 set thread context of 2224	2080	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	72
PID 2224 set thread context of 2784	2224	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	73
PID 2784 set thread context of 2896	2784	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	74
PID 2896 set thread context of 2872	2896	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	75
PID 2872 set thread context of 2676	2872	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	76
PID 2676 set thread context of 576	2676	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	77
PID 576 set thread context of 1432	576	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	78
PID 1432 set thread context of 3064	1432	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	79
PID 3064 set thread context of 1460	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	80
PID 1460 set thread context of 1864	1460	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	81
PID 1864 set thread context of 1736	1864	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	82
PID 1736 set thread context of 1560	1736	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	83
PID 1560 set thread context of 848	1560	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	84
PID 848 set thread context of 2276	848	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	85
PID 2276 set thread context of 884	2276	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	86
PID 884 set thread context of 1784	884	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	87
PID 1784 set thread context of 2540	1784	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	88
PID 2540 set thread context of 2412	2540	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	89
PID 2412 set thread context of 640	2412	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	90
PID 640 set thread context of 1952	640	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	91
PID 1952 set thread context of 1956	1952	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	92
PID 1956 set thread context of 1060	1956	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	93

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2544	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2956	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	940	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1984	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2424	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1196	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	960	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1900	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	3008	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1636	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1920	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	864	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1596	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2840	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2768	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2868	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2636	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2644	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1528	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2404	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2484	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	660	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	928	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2036	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2232	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2136	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2216	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	900	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1072	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	520	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2456	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	692	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2080	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2224	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2784	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2896	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2872	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2676	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	576	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1432	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1460	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1864	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1736	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1560	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	848	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2276	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	884	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1784	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2540	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	2412	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	640	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1952	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
Token: SeDebugPrivilege	1956	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 1732 wrote to memory of 2332	1732	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	30
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2332 wrote to memory of 2788	2332	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	31
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2788 wrote to memory of 2772	2788	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	32
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2772 wrote to memory of 2664	2772	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	33
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 2664 wrote to memory of 3064	2664	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	34
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 3064 wrote to memory of 2120	3064	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	35
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 2120 wrote to memory of 1084	2120	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	36
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37
PID 1084 wrote to memory of 2544	1084	964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe	37

C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1732
- C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
  2⤵
  - Suspicious use of SetThreadContext
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2332
- - C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
    C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
    3⤵
    - Suspicious use of SetThreadContext
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2788
  - - C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
      C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
      4⤵
      Suspicious use of SetThreadContext
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of WriteProcessMemory
      PID:2772
    - - C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        5⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2664
      - C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        6⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        7⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        8⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        9⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        10⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        11⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        12⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        13⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        14⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        15⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        16⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        17⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        18⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        19⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        20⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        21⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:864
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        22⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        23⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        24⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        25⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        26⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        27⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        28⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        29⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        30⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        31⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:660
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        32⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        33⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        34⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        35⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        36⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        37⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        38⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        39⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        40⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        41⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        42⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        43⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        44⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        45⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        46⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        47⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        48⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        49⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:576
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        50⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        51⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        52⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        53⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        54⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        55⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        56⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        57⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        58⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        59⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        60⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        61⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        62⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        63⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        64⤵
        Suspicious use of SetThreadContext
        Suspicious use of AdjustPrivilegeToken
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        65⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        66⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        67⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        68⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        69⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        70⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        71⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        72⤵
        
        PID:344
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        73⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        74⤵
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        75⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        76⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        77⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        78⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        79⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        80⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        81⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        82⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        83⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        84⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        85⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        86⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        87⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        88⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        89⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        90⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        91⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        92⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        93⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        94⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        95⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        96⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        97⤵
        
        PID:2096
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        98⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        99⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        100⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        101⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        102⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        103⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        104⤵
        
        PID:596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        105⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        106⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        107⤵
        
        PID:1820
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        108⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        109⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        110⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        111⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        112⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        113⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        114⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        115⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        116⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        117⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        118⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        119⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        120⤵
        
        PID:568
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        121⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        122⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        123⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        124⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        125⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        126⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        127⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        128⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        129⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        130⤵
        
        PID:1480
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        131⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        132⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        133⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        134⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        135⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        136⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        137⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        138⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        139⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        140⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        141⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        142⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        143⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        144⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        145⤵
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        146⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        147⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        148⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        149⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        150⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        151⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        152⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        153⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        154⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        155⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        156⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        157⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        158⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        159⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        160⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        161⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        162⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        163⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        164⤵
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        165⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        166⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        167⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        168⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        169⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        170⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        171⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        172⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        173⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        174⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        175⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        176⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        177⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        178⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        179⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        180⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        181⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        182⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        183⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        184⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        185⤵
        
        PID:936
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        186⤵
        
        PID:332
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        187⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        188⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        189⤵
        
        PID:812
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        190⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        191⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        192⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        193⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        194⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        195⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        196⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        197⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        198⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        199⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        200⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        201⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        202⤵
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        203⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        204⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        205⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        206⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        207⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        208⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        209⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        210⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        211⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        212⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        213⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        214⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        215⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        216⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        217⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        218⤵
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        219⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        220⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        221⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        222⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        223⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        224⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        225⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        226⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        227⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        228⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        229⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        230⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        231⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        232⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        233⤵
        
        PID:1244
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        234⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        235⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        236⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        237⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        238⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        239⤵
        
        PID:1160
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        240⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        241⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        242⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        243⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        244⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        245⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        246⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        247⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        248⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        249⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        250⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        251⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        252⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        253⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        254⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        255⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        256⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        257⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        258⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        259⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        260⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        261⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        262⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        263⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        264⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        265⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        266⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        267⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        268⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        269⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        270⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        271⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        272⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        273⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        274⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        275⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        276⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        277⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        278⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        279⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        280⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        281⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        282⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        283⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        284⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        285⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        286⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        287⤵
        
        PID:920
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        288⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        289⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        290⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        291⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        292⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        293⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        294⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        295⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        296⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        297⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        298⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        299⤵
        
        PID:1276
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        300⤵
        
        PID:324
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        301⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        302⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        303⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        304⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        305⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        306⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        307⤵
        
        PID:596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        308⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        309⤵
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        310⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        311⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        312⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        313⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        314⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        315⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        316⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        317⤵
        
        PID:2504
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        318⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        319⤵
        
        PID:2792
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        320⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        321⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        322⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        323⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        324⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        325⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        326⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        327⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        328⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        329⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        330⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        331⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        332⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        333⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        334⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        335⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        336⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        337⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        338⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        339⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        340⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        341⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        342⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        343⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        344⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        345⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        346⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        347⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        348⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        349⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        350⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        351⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        352⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        353⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        354⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        355⤵
        
        PID:812
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        356⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        357⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        358⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        359⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        360⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        361⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        362⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        363⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        364⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        365⤵
        
        PID:1888
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        366⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        367⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        368⤵
        
        PID:328
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        369⤵
        
        PID:1276
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        370⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        371⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        372⤵
        
        PID:1316
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        373⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        374⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        375⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        376⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        377⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        378⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        379⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        380⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        381⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        382⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        383⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        384⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        385⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        386⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        387⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        388⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        389⤵
        
        PID:576
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        390⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        391⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        392⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        393⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        394⤵
        
        PID:824
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        395⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        396⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        397⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        398⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        399⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        400⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        401⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        402⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        403⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        404⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        405⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        406⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        407⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        408⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        409⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\964810c1a44ce740642f5c48e27f197c_JaffaCakes118.exe
        410⤵
        
        PID:1596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\cwoc1760CW.exe

Filesize
340KB

MD5
8547fdf6638f51853be21212ac294ad3

SHA1
a1025f70a8b8ba617bdf9566f3a35f96028af65e

SHA256
7e386c61942e68774d49fd64b502f422eaa0433be276a460577b6802c7a8be74

SHA512
d8ba9208f99eaf09deba88994f2e0746ff2f316cfd94252dd2b4b5ca160777fadccb01c1e871b48a6eb551608547f4a9d5049912a53da2c9187683db58f086b5

Download Submit
memory/1732-0-0x000007FEF5BDE000-0x000007FEF5BDF000-memory.dmp

Filesize
4KB

Download
memory/1732-1-0x0000000000480000-0x0000000000488000-memory.dmp

Filesize
32KB

Download
memory/1732-2-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/1732-3-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/1732-4-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/1732-13-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/2332-9-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/2332-10-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/2332-8-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/2332-12-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/2332-6-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download
memory/2332-14-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/2332-16-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/2332-28-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

Filesize
9.6MB

Download
memory/2332-7-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads