4033490797a42f532d0d68971c6f5739c3c1fdbd7eba24c08796c8f926ae0d31

Analysis

max time kernel
135s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
21/08/2024, 11:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Size

222KB
MD5

b3369635adf29d24bf9760cd267ba148
SHA1

75bb27fd8e9969c28d7897e61216dda549662fa9
SHA256

4033490797a42f532d0d68971c6f5739c3c1fdbd7eba24c08796c8f926ae0d31
SHA512

ae24f8d752078527fdd49cd6ef193542d29bed9ce6c9985796fb3bdc23444b4dccc38b2abe3a3b294f42e8bd6fff5fe4262eef9287893dc6e55f900308af9d16
SSDEEP

6144:14RYIBemxhfDKxsy9tUAmPCH4aMiZS6y5:1BIImxhfDKScejLIS6

Score

5^/10

discovery

Malware Config

Signatures

Suspicious use of SetThreadContext 64 IoCs

description	pid	Process	procid_target
PID 2124 set thread context of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2960 set thread context of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2132 set thread context of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2740 set thread context of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2812 set thread context of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 1592 set thread context of 2704	1592	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	34
PID 2704 set thread context of 2216	2704	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	35
PID 2216 set thread context of 2264	2216	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	36
PID 2264 set thread context of 2372	2264	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	37
PID 2372 set thread context of 2520	2372	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	38
PID 2520 set thread context of 2828	2520	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	39
PID 2828 set thread context of 1988	2828	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	40
PID 1988 set thread context of 812	1988	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	41
PID 812 set thread context of 1792	812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	42
PID 1792 set thread context of 2396	1792	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	43
PID 2396 set thread context of 2108	2396	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	44
PID 2108 set thread context of 2300	2108	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	45
PID 2300 set thread context of 2232	2300	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	46
PID 2232 set thread context of 276	2232	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	47
PID 276 set thread context of 1520	276	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	48
PID 1520 set thread context of 3016	1520	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	49
PID 3016 set thread context of 1968	3016	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	50
PID 1968 set thread context of 780	1968	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	51
PID 780 set thread context of 2000	780	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	52
PID 2000 set thread context of 1840	2000	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	53
PID 1840 set thread context of 2568	1840	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	54
PID 2568 set thread context of 2724	2568	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	55
PID 2724 set thread context of 2856	2724	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	56
PID 2856 set thread context of 2756	2856	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	57
PID 2756 set thread context of 2896	2756	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	58
PID 2896 set thread context of 2624	2896	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	59
PID 2624 set thread context of 2680	2624	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	60
PID 2680 set thread context of 2144	2680	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	61
PID 2144 set thread context of 2276	2144	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	62
PID 2276 set thread context of 2616	2276	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	63
PID 2616 set thread context of 1428	2616	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	64
PID 1428 set thread context of 1444	1428	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	65
PID 1444 set thread context of 432	1444	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	66
PID 432 set thread context of 552	432	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	67
PID 552 set thread context of 2400	552	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	68
PID 2400 set thread context of 2448	2400	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	69
PID 2448 set thread context of 2312	2448	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	70
PID 2312 set thread context of 2532	2312	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	71
PID 2532 set thread context of 1668	2532	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	72
PID 1668 set thread context of 1052	1668	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	73
PID 1052 set thread context of 928	1052	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	74
PID 928 set thread context of 1628	928	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	75
PID 1628 set thread context of 2056	1628	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	76
PID 2056 set thread context of 2596	2056	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	77
PID 2596 set thread context of 884	2596	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	78
PID 884 set thread context of 1608	884	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	79
PID 1608 set thread context of 2444	1608	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	80
PID 2444 set thread context of 2868	2444	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	81
PID 2868 set thread context of 2748	2868	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	82
PID 2748 set thread context of 2804	2748	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	83
PID 2804 set thread context of 2660	2804	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	84
PID 2660 set thread context of 2672	2660	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	85
PID 2672 set thread context of 596	2672	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	86
PID 596 set thread context of 2516	596	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	87
PID 2516 set thread context of 2536	2516	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	88
PID 2536 set thread context of 396	2536	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	89
PID 396 set thread context of 2128	396	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	90
PID 2128 set thread context of 1588	2128	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	91
PID 1588 set thread context of 1504	1588	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	92

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F7814234-0237-4DFC-9D71-0F36D48D09D0}\ProgID	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\TypeLib\ = "{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}\1.0\0	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\ = "_Class2"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.mdsaaaaad\Clsid\ = "{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\ProxyStubClsid\ = "{00020420-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ = "_Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\ProxyStubClsid32	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\VERSION	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\ProgID\ = "adadadada.mdsaaaaad"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.Class1	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.Class1\ = "adadadada.Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\Programmable	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}\1.0\ = "Proyecto1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\ = "__Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\VERSION\ = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\ = "mdsaaaaad"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\ = "adadadada.Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ = "Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}\1.0\FLAGS\ = "0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\TypeLib\ = "{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\ProxyStubClsid32	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.mdsaaaaad	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F7814234-0237-4DFC-9D71-0F36D48D09D0}\VERSION\ = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\TypeLib\Version = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ = "_Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F7814234-0237-4DFC-9D71-0F36D48D09D0}\Programmable	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\ = "__Class1"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}\1.0	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\TypeLib\Version = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\TypeLib\ = "{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.mdsaaaaad\Clsid	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\ProxyStubClsid32	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\TypeLib\ = "{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\ProxyStubClsid32	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\TypeLib\Version = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\ = "_mdsaaaaad"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9C3BE5F8-0CAF-4464-9BBD-B9FD25B15E00}\TypeLib\ = "{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\ProgID	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\LocalServer32	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\LocalServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4A175F7B-0C86-4EFA-A235-F498F2892A89}\TypeLib	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8BD5643A-9D25-4CF4-ACF7-B643A7DFF8B7}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0AEC2553-4818-4756-A2CB-D0D38FEBDEE1}\TypeLib\Version = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\TypeLib\Version = "1.0"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F7814234-0237-4DFC-9D71-0F36D48D09D0}	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\adadadada.Class2\Clsid	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D41FAEC-CD03-4685-9B52-229FB3DDF406}\ProxyStubClsid	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D34601CE-E784-4328-9E28-A65E6F1D2BCD}\Implemented Categories	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{A0F0FD66-5D37-4959-8B3E-7F76ABAE04CD}\1.0\HELPDIR\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\.2.0#\u00a0\x01.°"	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1592	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2704	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2216	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2264	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2372	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2520	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2828	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1988	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1792	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2396	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2108	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2300	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2232	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
276	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1520	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
3016	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1968	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
780	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2000	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1840	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2568	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2724	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2856	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2756	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2896	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2624	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2680	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2144	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2276	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2616	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1428	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1444	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
432	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
552	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2400	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2448	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2312	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2532	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1668	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1052	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
928	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1628	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2056	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2596	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
884	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1608	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2444	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2868	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2748	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2804	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2660	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2672	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
596	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2516	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2536	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
396	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
2128	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
1588	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2124 wrote to memory of 2960	2124	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	29
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2960 wrote to memory of 2132	2960	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	30
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2132 wrote to memory of 2740	2132	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	31
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2740 wrote to memory of 2812	2740	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	32
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33
PID 2812 wrote to memory of 1592	2812	b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe	33

C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
1⤵
- Suspicious use of SetThreadContext
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2124
- C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
  2⤵
  - Suspicious use of SetThreadContext
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2960
- - C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
    3⤵
    - Suspicious use of SetThreadContext
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2132
  - - C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
      "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
      4⤵
      Suspicious use of SetThreadContext
      System Location Discovery: System Language Discovery
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2740
    - - C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        5⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        Suspicious use of WriteProcessMemory
        
        PID:2812
      - C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        6⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        7⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        8⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        9⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        10⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        11⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        12⤵
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        13⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        14⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:812
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        15⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        16⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        17⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        18⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        19⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        20⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        21⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        22⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        23⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        24⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:780
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        25⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        26⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        27⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        28⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        29⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        30⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        31⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        32⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        33⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        34⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        35⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        36⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        37⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1428
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        38⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1444
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        39⤵
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        40⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        41⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        42⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        43⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        44⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        45⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        46⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        47⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        48⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        49⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        50⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        51⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        52⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        53⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        54⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        55⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        56⤵
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        57⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        58⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        59⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:596
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        60⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        61⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        62⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        63⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        64⤵
        Suspicious use of SetThreadContext
        Suspicious use of SetWindowsHookEx
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        65⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        67⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        68⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        69⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        70⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        71⤵
        
        PID:1316
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        72⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        73⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        74⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        75⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        76⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        77⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        78⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        79⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        80⤵
        System Location Discovery: System Language Discovery
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        81⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        82⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        83⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        84⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        85⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        86⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        87⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        88⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        89⤵
        System Location Discovery: System Language Discovery
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        90⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        91⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        92⤵
        
        PID:1320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        93⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        94⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        95⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        96⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        97⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        98⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        99⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        100⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        101⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        102⤵
        System Location Discovery: System Language Discovery
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        103⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        104⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        105⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        106⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        107⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        108⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        109⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        110⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        111⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        112⤵
        
        PID:824
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        113⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        114⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        115⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        116⤵
        
        PID:368
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        117⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        118⤵
        System Location Discovery: System Language Discovery
        
        PID:916
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        119⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        120⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        121⤵
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        122⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        123⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        124⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        125⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        126⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        127⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        128⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        129⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        130⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        131⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        132⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        133⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        134⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        135⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        136⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        137⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        138⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        139⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        140⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        141⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        142⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        143⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        144⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        145⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        146⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        147⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        148⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        149⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        150⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        151⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        152⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        153⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        154⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        155⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        156⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        157⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        158⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        159⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        160⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        161⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        162⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        163⤵
        
        PID:756
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        164⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        165⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        166⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        167⤵
        System Location Discovery: System Language Discovery
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        168⤵
        
        PID:1324
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        169⤵
        
        PID:968
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        170⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        171⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        172⤵
        System Location Discovery: System Language Discovery
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        173⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        174⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        175⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        176⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        177⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        178⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        179⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        180⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        181⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        182⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        183⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        184⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        185⤵
        
        PID:548
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        186⤵
        System Location Discovery: System Language Discovery
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        187⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        188⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        189⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        190⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        191⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        192⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        193⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        194⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        195⤵
        System Location Discovery: System Language Discovery
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        196⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        197⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        198⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        199⤵
        System Location Discovery: System Language Discovery
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        200⤵
        
        PID:236
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        201⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        202⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        203⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        204⤵
        System Location Discovery: System Language Discovery
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        205⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        206⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        207⤵
        
        PID:664
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        208⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        209⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        210⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        211⤵
        
        PID:1812
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        212⤵
        
        PID:288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        213⤵
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        214⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        215⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        216⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        217⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        218⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        219⤵
        System Location Discovery: System Language Discovery
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        220⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        221⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        222⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        223⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        224⤵
        System Location Discovery: System Language Discovery
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        225⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        226⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        227⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        228⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        229⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        230⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        231⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        232⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        233⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        234⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        235⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        236⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        237⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        238⤵
        
        PID:1160
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        239⤵
        
        PID:3028
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        240⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        241⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        242⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        243⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        244⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        245⤵
        
        PID:672
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        246⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        247⤵
        
        PID:1800
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        248⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        249⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        250⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        251⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        252⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        253⤵
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        254⤵
        
        PID:2504
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        255⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        256⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        257⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        258⤵
        System Location Discovery: System Language Discovery
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        259⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        260⤵
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        261⤵
        System Location Discovery: System Language Discovery
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        262⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        263⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        264⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        265⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        266⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        267⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        268⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        269⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        270⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        271⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        272⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        273⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        274⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        275⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        276⤵
        
        PID:1404
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        277⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        278⤵
        
        PID:472
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        279⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        280⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        281⤵
        System Location Discovery: System Language Discovery
        
        PID:2836
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        282⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        283⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        284⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        285⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        286⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        287⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        288⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        289⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        290⤵
        
        PID:388
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        291⤵
        
        PID:1728
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        292⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        293⤵
        
        PID:1356
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        294⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        295⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        296⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        297⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        298⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        299⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        300⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        301⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        302⤵
        System Location Discovery: System Language Discovery
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        303⤵
        
        PID:2792
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        304⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        305⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        306⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        307⤵
        System Location Discovery: System Language Discovery
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        308⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        309⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        310⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        311⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        312⤵
        System Location Discovery: System Language Discovery
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        313⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        314⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        315⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        316⤵
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        317⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        318⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        319⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        320⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        321⤵
        
        PID:1108
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        322⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        323⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        324⤵
        System Location Discovery: System Language Discovery
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        325⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        326⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        327⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        328⤵
        
        PID:524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        329⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        330⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        331⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        332⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        333⤵
        
        PID:456
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        334⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        335⤵
        
        PID:112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        336⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        337⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        338⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        339⤵
        System Location Discovery: System Language Discovery
        
        PID:1260
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        340⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        341⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        342⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        343⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        344⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        345⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        346⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        347⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        348⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        349⤵
        
        PID:1244
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        350⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        351⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        352⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        353⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        354⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        355⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        356⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        357⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        358⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        359⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        360⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        361⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        362⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        363⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        364⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        365⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        366⤵
        System Location Discovery: System Language Discovery
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        367⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        368⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        369⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        370⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        371⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        372⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        373⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        374⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        375⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        376⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        377⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        378⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        379⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        380⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        381⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        382⤵
        
        PID:584
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        383⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        384⤵
        System Location Discovery: System Language Discovery
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        385⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        386⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        387⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        388⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        389⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        390⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        391⤵
        
        PID:3116
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        392⤵
        
        PID:3168
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        393⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        394⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        395⤵
        
        PID:3324
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        396⤵
        System Location Discovery: System Language Discovery
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        397⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        398⤵
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        399⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        400⤵
        
        PID:3588
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        401⤵
        
        PID:3640
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        402⤵
        
        PID:3692
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        403⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        404⤵
        
        PID:3800
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        405⤵
        System Location Discovery: System Language Discovery
        
        PID:3860
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        406⤵
        
        PID:3912
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        407⤵
        
        PID:3964
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        408⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        409⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        410⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        411⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        412⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        413⤵
        
        PID:3280
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        414⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        415⤵
        
        PID:3388
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        416⤵
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        417⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        418⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        419⤵
        
        PID:3572
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        420⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        421⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        422⤵
        
        PID:3756
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        423⤵
        
        PID:3816
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        424⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        425⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        426⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        427⤵
        
        PID:4028
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        428⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        429⤵
        
        PID:3092
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        430⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        431⤵
        
        PID:3240
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        432⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        433⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        434⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        435⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        436⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        437⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        438⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        439⤵
        
        PID:3680
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        440⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        441⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        442⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        443⤵
        
        PID:3864
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        444⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        445⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        446⤵
        
        PID:3112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        447⤵
        
        PID:3152
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        448⤵
        
        PID:3252
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        449⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        450⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        451⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        452⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        453⤵
        
        PID:3552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        454⤵
        
        PID:3584
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        455⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        456⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        457⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        458⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        459⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        460⤵
        
        PID:3976
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        461⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        462⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        463⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        464⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        465⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        466⤵
        System Location Discovery: System Language Discovery
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        467⤵
        
        PID:3328
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        468⤵
        System Location Discovery: System Language Discovery
        
        PID:3344
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        469⤵
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        470⤵
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        471⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        472⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        473⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        474⤵
        
        PID:3836
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        475⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        476⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        477⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        478⤵
        
        PID:4064
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        479⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        480⤵
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        481⤵
        
        PID:3356
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        482⤵
        
        PID:3492
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        483⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        484⤵
        
        PID:3620
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        485⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        486⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        487⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        488⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        489⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        490⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        491⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        492⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        493⤵
        
        PID:3296
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        494⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        495⤵
        System Location Discovery: System Language Discovery
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        496⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        497⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        498⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        499⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        500⤵
        
        PID:3820
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        501⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        502⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        503⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        504⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        505⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        506⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        507⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        508⤵
        System Location Discovery: System Language Discovery
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        509⤵
        
        PID:3752
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        510⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        511⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        512⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        513⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        514⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        515⤵
        
        PID:3968
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        516⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        517⤵
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        518⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        519⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        520⤵
        System Location Discovery: System Language Discovery
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        521⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        522⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        523⤵
        System Location Discovery: System Language Discovery
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        524⤵
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        525⤵
        System Location Discovery: System Language Discovery
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        526⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        527⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        528⤵
        
        PID:4080
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        529⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        530⤵
        
        PID:3372
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        531⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        532⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        533⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        534⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        535⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        536⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        537⤵
        
        PID:3108
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        538⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        539⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        540⤵
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        541⤵
        
        PID:3480
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        542⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        543⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        544⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        545⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        546⤵
        System Location Discovery: System Language Discovery
        
        PID:4012
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        547⤵
        
        PID:3208
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        548⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        549⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        550⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        551⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        552⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        553⤵
        System Location Discovery: System Language Discovery
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        554⤵
        System Location Discovery: System Language Discovery
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        555⤵
        System Location Discovery: System Language Discovery
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        556⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        557⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        558⤵
        
        PID:3380
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        559⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        560⤵
        
        PID:3676
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        561⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        562⤵
        
        PID:3936
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        563⤵
        
        PID:3176
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        564⤵
        System Location Discovery: System Language Discovery
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        565⤵
        
        PID:3420
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        566⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        567⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        568⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        569⤵
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        570⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        571⤵
        System Location Discovery: System Language Discovery
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        572⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        573⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        574⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        575⤵
        
        PID:3740
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        576⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        577⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        578⤵
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        579⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        580⤵
        
        PID:3568
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        581⤵
        
        PID:3672
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        582⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        583⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        584⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        585⤵
        System Location Discovery: System Language Discovery
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        586⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        587⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        588⤵
        System Location Discovery: System Language Discovery
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        589⤵
        System Location Discovery: System Language Discovery
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        590⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        591⤵
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        592⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        593⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        594⤵
        
        PID:3980
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        595⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        596⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        597⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        598⤵
        
        PID:3504
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        599⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        600⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        601⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        602⤵
        System Location Discovery: System Language Discovery
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        603⤵
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        604⤵
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        605⤵
        
        PID:3352
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        606⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        607⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        608⤵
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        609⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        610⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        611⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        612⤵
        System Location Discovery: System Language Discovery
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        613⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        614⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        615⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        616⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        617⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        618⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        619⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        620⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        621⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        622⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        623⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        624⤵
        System Location Discovery: System Language Discovery
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        625⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        626⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        627⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        628⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        629⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        630⤵
        
        PID:4004
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        631⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        632⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        633⤵
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        634⤵
        
        PID:3124
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        635⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        636⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        637⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        638⤵
        System Location Discovery: System Language Discovery
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        639⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        640⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        641⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        642⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        643⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        644⤵
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        645⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        646⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        647⤵
        
        PID:3260
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        648⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        649⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        650⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        651⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        652⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        653⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        654⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        655⤵
        
        PID:4244
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        656⤵
        
        PID:4296
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        657⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        658⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        659⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        660⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        661⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        662⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        663⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        664⤵
        System Location Discovery: System Language Discovery
        
        PID:4716
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        665⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        666⤵
        
        PID:4820
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        667⤵
        
        PID:4872
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        668⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        669⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        670⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        671⤵
        System Location Discovery: System Language Discovery
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        672⤵
        
        PID:3332
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        673⤵
        
        PID:4164
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        674⤵
        
        PID:4188
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        675⤵
        
        PID:4232
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        676⤵
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        677⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        678⤵
        
        PID:4428
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        679⤵
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        680⤵
        
        PID:4568
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        681⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        682⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        683⤵
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        684⤵
        
        PID:4788
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        685⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        686⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        687⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        688⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        689⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        690⤵
        
        PID:5108
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        691⤵
        
        PID:4112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        692⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        693⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        694⤵
        
        PID:4356
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        695⤵
        System Location Discovery: System Language Discovery
        
        PID:4396
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        696⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        697⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        698⤵
        
        PID:4544
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        699⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        700⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        701⤵
        
        PID:4740
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        702⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        703⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        704⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        705⤵
        
        PID:4780
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        706⤵
        
        PID:5016
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        707⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        708⤵
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        709⤵
        
        PID:4220
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        710⤵
        
        PID:4304
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        711⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        712⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        713⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        714⤵
        
        PID:4492
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        715⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        716⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        717⤵
        System Location Discovery: System Language Discovery
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        718⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        719⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        720⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        721⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        722⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        723⤵
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        724⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        725⤵
        
        PID:4152
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        726⤵
        
        PID:4368
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        727⤵
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        728⤵
        
        PID:4440
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        729⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        730⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        731⤵
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        732⤵
        
        PID:4696
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        733⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        734⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        735⤵
        System Location Discovery: System Language Discovery
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        736⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        737⤵
        
        PID:5092
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        738⤵
        
        PID:5116
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        739⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        740⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        741⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        742⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        743⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        744⤵
        
        PID:4576
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        745⤵
        
        PID:4536
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        746⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        747⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        748⤵
        
        PID:4668
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        749⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        750⤵
        
        PID:5048
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        751⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        752⤵
        System Location Discovery: System Language Discovery
        
        PID:4200
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        753⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        754⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        755⤵
        System Location Discovery: System Language Discovery
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        756⤵
        
        PID:4248
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        757⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        758⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        759⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        760⤵
        
        PID:4868
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        761⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        762⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        763⤵
        System Location Discovery: System Language Discovery
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        764⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        765⤵
        
        PID:4284
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        766⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        767⤵
        
        PID:4500
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        768⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        769⤵
        
        PID:4600
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        770⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        771⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        772⤵
        
        PID:4692
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        773⤵
        
        PID:4800
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        774⤵
        
        PID:5008
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        775⤵
        
        PID:4764
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        776⤵
        System Location Discovery: System Language Discovery
        
        PID:4180
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        777⤵
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        778⤵
        
        PID:4328
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        779⤵
        
        PID:4556
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        780⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        781⤵
        
        PID:4724
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        782⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        783⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        784⤵
        System Location Discovery: System Language Discovery
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        785⤵
        
        PID:4944
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        786⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        787⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        788⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        789⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        790⤵
        
        PID:4508
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        791⤵
        
        PID:4448
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        792⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        793⤵
        System Location Discovery: System Language Discovery
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        794⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        795⤵
        
        PID:4128
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        796⤵
        
        PID:4108
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        797⤵
        System Location Discovery: System Language Discovery
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        798⤵
        
        PID:4272
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        799⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        800⤵
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        801⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        802⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        803⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        804⤵
        
        PID:5076
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        805⤵
        
        PID:4252
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        806⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        807⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        808⤵
        
        PID:4196
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        809⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        810⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        811⤵
        
        PID:4792
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        812⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        813⤵
        
        PID:3792
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        814⤵
        
        PID:3160
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        815⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        816⤵
        
        PID:4300
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        817⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        818⤵
        
        PID:4680
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        819⤵
        
        PID:4960
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        820⤵
        
        PID:4904
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        821⤵
        
        PID:4168
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        822⤵
        
        PID:4436
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        823⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        824⤵
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        825⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        826⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        827⤵
        System Location Discovery: System Language Discovery
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        828⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        829⤵
        
        PID:4280
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        830⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        831⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        832⤵
        System Location Discovery: System Language Discovery
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        833⤵
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        834⤵
        
        PID:4984
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        835⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        836⤵
        
        PID:4360
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        837⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        838⤵
        System Location Discovery: System Language Discovery
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        839⤵
        
        PID:5004
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        840⤵
        
        PID:4932
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        841⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        842⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        843⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        844⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        845⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        846⤵
        
        PID:4208
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        847⤵
        
        PID:4416
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        848⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        849⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        850⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        851⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        852⤵
        
        PID:5104
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        853⤵
        
        PID:4148
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        854⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        855⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        856⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        857⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        858⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        859⤵
        
        PID:4336
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        860⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        861⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        862⤵
        
        PID:3084
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        863⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        864⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        865⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        866⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        867⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        868⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        869⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        870⤵
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        871⤵
        
        PID:4156
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        872⤵
        
        PID:4204
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        873⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        874⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        875⤵
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        876⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        877⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        878⤵
        
        PID:4292
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        879⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        880⤵
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        881⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        882⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        883⤵
        
        PID:4564
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        884⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        885⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        886⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        887⤵
        
        PID:4260
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        888⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        889⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        890⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        891⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        892⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        893⤵
        
        PID:4940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        894⤵
        
        PID:4552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        895⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        896⤵
        
        PID:2072
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        897⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        898⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        899⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        900⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        901⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        902⤵
        
        PID:4620
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        903⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        904⤵
        
        PID:4852
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        905⤵
        
        PID:4776
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        906⤵
        
        PID:4236
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        907⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        908⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        909⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        910⤵
        
        PID:4176
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        911⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        912⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        913⤵
        
        PID:5164
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        914⤵
        
        PID:5216
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        915⤵
        
        PID:5268
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        916⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        917⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        918⤵
        
        PID:5424
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        919⤵
        
        PID:5476
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        920⤵
        
        PID:5528
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        921⤵
        
        PID:5584
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        922⤵
        
        PID:5636
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        923⤵
        
        PID:5688
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        924⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        925⤵
        
        PID:5796
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        926⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        927⤵
        
        PID:5900
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        928⤵
        
        PID:5952
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        929⤵
        
        PID:6004
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        930⤵
        
        PID:6060
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        931⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        932⤵
        
        PID:4928
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        933⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        934⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        935⤵
        
        PID:5288
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        936⤵
        
        PID:5344
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        937⤵
        
        PID:5400
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        938⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        939⤵
        
        PID:5524
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        940⤵
        
        PID:5576
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        941⤵
        
        PID:5652
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        942⤵
        
        PID:5640
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        943⤵
        
        PID:5764
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        944⤵
        
        PID:5768
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        945⤵
        
        PID:5800
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        946⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        947⤵
        
        PID:5936
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        948⤵
        
        PID:5992
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        949⤵
        
        PID:6076
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        950⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        951⤵
        
        PID:5160
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        952⤵
        
        PID:5224
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        953⤵
        
        PID:5300
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        954⤵
        
        PID:5368
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        955⤵
        
        PID:5420
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        956⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        957⤵
        
        PID:5492
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        958⤵
        
        PID:5552
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        959⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        960⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        961⤵
        
        PID:5732
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        962⤵
        
        PID:5792
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        963⤵
        
        PID:5892
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        964⤵
        
        PID:5940
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        965⤵
        
        PID:5988
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        966⤵
        
        PID:6080
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        967⤵
        
        PID:6124
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        968⤵
        
        PID:6116
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        969⤵
        
        PID:5208
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        970⤵
        
        PID:5260
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        971⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        972⤵
        
        PID:5376
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        973⤵
        
        PID:5428
        
        C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3369635adf29d24bf9760cd267ba148_JaffaCakes118.exe"
        974⤵
        
        PID:5592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/276-162-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/276-157-0x0000000002D80000-0x0000000002DBD000-memory.dmp

Filesize
244KB

Download
memory/396-460-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/432-299-0x00000000004F0000-0x000000000052D000-memory.dmp

Filesize
244KB

Download
memory/596-439-0x00000000023C0000-0x00000000023FD000-memory.dmp

Filesize
244KB

Download
memory/780-189-0x0000000002D50000-0x0000000002D8D000-memory.dmp

Filesize
244KB

Download
memory/812-110-0x0000000001D30000-0x0000000001D6D000-memory.dmp

Filesize
244KB

Download
memory/884-382-0x00000000027C0000-0x00000000027FD000-memory.dmp

Filesize
244KB

Download
memory/928-354-0x0000000001DB0000-0x0000000001DED000-memory.dmp

Filesize
244KB

Download
memory/1052-343-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1428-285-0x0000000002870000-0x00000000028AD000-memory.dmp

Filesize
244KB

Download
memory/1444-292-0x00000000025C0000-0x00000000025FD000-memory.dmp

Filesize
244KB

Download
memory/1504-488-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1504-481-0x0000000001E50000-0x0000000001E8D000-memory.dmp

Filesize
244KB

Download
memory/1520-165-0x00000000025B0000-0x00000000025ED000-memory.dmp

Filesize
244KB

Download
memory/1520-172-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1588-475-0x0000000001FE0000-0x000000000201D000-memory.dmp

Filesize
244KB

Download
memory/1592-52-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1592-48-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/1592-50-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1608-389-0x0000000002540000-0x000000000257D000-memory.dmp

Filesize
244KB

Download
memory/1628-361-0x0000000002470000-0x00000000024AD000-memory.dmp

Filesize
244KB

Download
memory/1668-340-0x0000000002500000-0x000000000253D000-memory.dmp

Filesize
244KB

Download
memory/1792-117-0x0000000002DA0000-0x0000000002DDD000-memory.dmp

Filesize
244KB

Download
memory/1792-122-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1792-120-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1840-208-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/1840-203-0x00000000023C0000-0x00000000023FD000-memory.dmp

Filesize
244KB

Download
memory/1968-181-0x00000000007A0000-0x00000000007DD000-memory.dmp

Filesize
244KB

Download
memory/1988-104-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1988-102-0x0000000002D90000-0x0000000002DCD000-memory.dmp

Filesize
244KB

Download
memory/1988-107-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2000-195-0x00000000024C0000-0x00000000024FD000-memory.dmp

Filesize
244KB

Download
memory/2000-200-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2056-368-0x0000000001E20000-0x0000000001E5D000-memory.dmp

Filesize
244KB

Download
memory/2108-140-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2108-133-0x00000000023B0000-0x00000000023ED000-memory.dmp

Filesize
244KB

Download
memory/2124-8-0x0000000000400000-0x000000000043C400-memory.dmp

Filesize
241KB

Download
memory/2124-3-0x0000000002590000-0x00000000025CD000-memory.dmp

Filesize
244KB

Download
memory/2124-0-0x0000000000400000-0x000000000043C400-memory.dmp

Filesize
241KB

Download
memory/2128-467-0x0000000000660000-0x000000000069D000-memory.dmp

Filesize
244KB

Download
memory/2132-26-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2132-14-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2132-28-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2132-22-0x0000000002710000-0x000000000274D000-memory.dmp

Filesize
244KB

Download
memory/2144-262-0x0000000001E70000-0x0000000001EAD000-memory.dmp

Filesize
244KB

Download
memory/2144-267-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2152-490-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/2216-63-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/2216-67-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2216-65-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2232-149-0x0000000002520000-0x000000000255D000-memory.dmp

Filesize
244KB

Download
memory/2232-156-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2264-71-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/2264-75-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2264-78-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2276-270-0x0000000001D90000-0x0000000001DCD000-memory.dmp

Filesize
244KB

Download
memory/2300-145-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2300-142-0x0000000002370000-0x00000000023AD000-memory.dmp

Filesize
244KB

Download
memory/2312-332-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2372-79-0x00000000004B0000-0x00000000004ED000-memory.dmp

Filesize
244KB

Download
memory/2396-125-0x0000000001E50000-0x0000000001E8D000-memory.dmp

Filesize
244KB

Download
memory/2396-130-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2400-312-0x0000000001EF0000-0x0000000001F2D000-memory.dmp

Filesize
244KB

Download
memory/2444-403-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2444-396-0x0000000002420000-0x000000000245D000-memory.dmp

Filesize
244KB

Download
memory/2448-319-0x0000000002660000-0x000000000269D000-memory.dmp

Filesize
244KB

Download
memory/2516-446-0x0000000002D90000-0x0000000002DCD000-memory.dmp

Filesize
244KB

Download
memory/2520-86-0x0000000000430000-0x000000000046D000-memory.dmp

Filesize
244KB

Download
memory/2520-88-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2520-91-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2532-333-0x0000000001F10000-0x0000000001F4D000-memory.dmp

Filesize
244KB

Download
memory/2536-453-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/2568-215-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2568-211-0x0000000000510000-0x000000000054D000-memory.dmp

Filesize
244KB

Download
memory/2596-376-0x0000000002690000-0x00000000026CD000-memory.dmp

Filesize
244KB

Download
memory/2616-277-0x0000000000470000-0x00000000004AD000-memory.dmp

Filesize
244KB

Download
memory/2616-281-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2624-249-0x00000000024B0000-0x00000000024ED000-memory.dmp

Filesize
244KB

Download
memory/2660-425-0x0000000002D70000-0x0000000002DAD000-memory.dmp

Filesize
244KB

Download
memory/2672-432-0x0000000001E30000-0x0000000001E6D000-memory.dmp

Filesize
244KB

Download
memory/2680-255-0x0000000002710000-0x000000000274D000-memory.dmp

Filesize
244KB

Download
memory/2704-56-0x00000000024E0000-0x000000000251D000-memory.dmp

Filesize
244KB

Download
memory/2704-60-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2704-62-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2724-219-0x0000000001DC0000-0x0000000001DFD000-memory.dmp

Filesize
244KB

Download
memory/2740-39-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2740-37-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2740-31-0x0000000001CF0000-0x0000000001D2D000-memory.dmp

Filesize
244KB

Download
memory/2748-411-0x0000000001E20000-0x0000000001E5D000-memory.dmp

Filesize
244KB

Download
memory/2756-233-0x0000000002760000-0x000000000279D000-memory.dmp

Filesize
244KB

Download
memory/2804-418-0x0000000002510000-0x000000000254D000-memory.dmp

Filesize
244KB

Download
memory/2812-45-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2812-42-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2812-40-0x0000000000430000-0x000000000046D000-memory.dmp

Filesize
244KB

Download
memory/2828-94-0x00000000027A0000-0x00000000027DD000-memory.dmp

Filesize
244KB

Download
memory/2828-96-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2828-99-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2856-226-0x0000000002560000-0x000000000259D000-memory.dmp

Filesize
244KB

Download
memory/2868-404-0x0000000000660000-0x000000000069D000-memory.dmp

Filesize
244KB

Download
memory/2896-240-0x00000000005A0000-0x00000000005DD000-memory.dmp

Filesize
244KB

Download
memory/2896-247-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2960-4-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2960-19-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2960-7-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/2960-6-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2960-11-0x00000000005B0000-0x00000000005ED000-memory.dmp

Filesize
244KB

Download
memory/2960-18-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3016-178-0x0000000000400000-0x000000000042AE00-memory.dmp

Filesize
171KB

Download
memory/3016-173-0x0000000002810000-0x000000000284D000-memory.dmp

Filesize
244KB

Download