blackmoon | 8420a5edbff96330ea9e470a2211a039d7a472ad28457c354d1585d91cf0315e

Analysis

max time kernel
120s
max time network
20s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
06/09/2024, 23:26 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e4139af8432476340c8bdeb9fa666d0N.exe
Size

332KB
MD5

6e4139af8432476340c8bdeb9fa666d0
SHA1

487630b5ef0ff37ba62964e868ebebf7857c1b21
SHA256

8420a5edbff96330ea9e470a2211a039d7a472ad28457c354d1585d91cf0315e
SHA512

c31c2180256b739bfbd715a64a64c86ca84e2e5ec1099bc472bdbe0abf59b8e953ab245e7522d1cc3fbdfd7301b8232fbe57d9fc89d7f3ff7c336821697a702a
SSDEEP

6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhp:F7Tc8JdSjylh2b77BoTMA9gX59sTsuT5

Score

10^/10

blackmoon banker discovery trojan upx

Malware Config

Signatures

Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
trojan banker blackmoon

Detect Blackmoon payload 49 IoCs

resource	yara_rule
behavioral1/memory/2760-10-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2648-7-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2696-27-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2696-25-0x0000000000230000-0x000000000025A000-memory.dmp	family_blackmoon
behavioral1/memory/3040-35-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2840-46-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2580-56-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2964-69-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2552-66-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1476-83-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/1476-85-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2364-102-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2364-104-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1904-113-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1268-123-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/236-133-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2424-141-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2424-143-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2828-151-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1624-160-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/1748-170-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2896-180-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2232-190-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2232-188-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/3020-198-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/1656-217-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1040-243-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1000-277-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2756-317-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2852-330-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2548-343-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2604-350-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1248-410-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2720-430-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/796-438-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2136-490-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1656-497-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2600-504-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2056-525-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/1580-563-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2888-589-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/1280-691-0x0000000000400000-0x000000000042A000-memory.dmp	family_blackmoon
behavioral1/memory/2744-706-0x0000000000220000-0x000000000024A000-memory.dmp	family_blackmoon
behavioral1/memory/2892-718-0x00000000001B0000-0x00000000001DA000-memory.dmp	family_blackmoon
behavioral1/memory/2892-720-0x00000000001B0000-0x00000000001DA000-memory.dmp	family_blackmoon
behavioral1/memory/2060-732-0x00000000002C0000-0x00000000002EA000-memory.dmp	family_blackmoon
behavioral1/memory/408-761-0x00000000001B0000-0x00000000001DA000-memory.dmp	family_blackmoon
behavioral1/memory/1792-788-0x00000000002C0000-0x00000000002EA000-memory.dmp	family_blackmoon
behavioral1/memory/1536-801-0x00000000003A0000-0x00000000003CA000-memory.dmp	family_blackmoon

Executes dropped EXE 64 IoCs

pid	Process
2760	xxlxllf.exe
2696	ddpdp.exe
3040	xrxxlrf.exe
2840	dvjpd.exe
2580	rlfxllx.exe
2552	vvjvj.exe
2964	5nbhth.exe
1476	hbttnb.exe
2944	vpdjv.exe
2364	hhtnbh.exe
1904	3llfxxx.exe
1268	bthntt.exe
236	ddjpd.exe
2424	tnbhtt.exe
2828	5vjvp.exe
1624	bbnbhn.exe
1748	jjdvj.exe
2896	rffxxrf.exe
2232	vvppp.exe
3020	ffxrxxf.exe
2916	pjvvd.exe
1656	xrlxflr.exe
2008	nhtntb.exe
2492	5xfflrf.exe
1040	hbnthn.exe
1848	pjdpp.exe
2508	3htbbb.exe
2208	pppvv.exe
1000	5htttb.exe
1212	pvppd.exe
2692	lfxrxxf.exe
1548	5pjpv.exe
2800	lrlfrrx.exe
2756	btnbnn.exe
2704	tnbhbb.exe
2852	ddvpd.exe
2840	1lxxffl.exe
2548	5htttt.exe
2604	jjppj.exe
2960	lrlrrrf.exe
1712	9tttbb.exe
1476	pjvjd.exe
1264	jjdjv.exe
2360	7lxflrx.exe
2388	tbtbnt.exe
1832	pjvvd.exe
620	5frxrxf.exe
1248	5btbht.exe
584	bbhnbb.exe
1088	pvpdv.exe
2720	xrxxflr.exe
796	9bhtnt.exe
696	nnhthh.exe
1592	xrfxrxl.exe
1400	xxrrffr.exe
3016	btntnt.exe
3036	vvpdp.exe
1452	rrlrxxl.exe
2464	hhhtth.exe
2136	htnntt.exe
1656	pjppv.exe
2600	rxrxflx.exe
1792	tnttth.exe
948	dpjjv.exe

UPX packed file 35 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2760-10-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2648-7-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2696-27-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/3040-35-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2840-46-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2580-56-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2964-69-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2552-66-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2944-86-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1476-85-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2364-104-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1904-113-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1268-123-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/236-133-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2424-143-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2828-151-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1748-170-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2896-180-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2232-190-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1656-217-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1040-243-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1000-277-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2756-317-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2852-330-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2548-343-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2604-350-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2840-353-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2720-430-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/796-438-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2136-490-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2600-504-0x0000000000220000-0x000000000024A000-memory.dmp	upx
behavioral1/memory/2056-525-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2508-533-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1580-563-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/1280-691-0x0000000000400000-0x000000000042A000-memory.dmp	upx

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	xrlflrf.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	1ddjj.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	tnttth.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vpjpv.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	pppdj.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	1lflrxr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	3flllrf.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vpdjp.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	lxlxxfl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	tnbtbh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	9flffxx.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	jppdj.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	lrrxxxf.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rlxfrxf.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Process not Found
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	bbhnbb.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2648 wrote to memory of 2760	2648	6e4139af8432476340c8bdeb9fa666d0N.exe	31
PID 2648 wrote to memory of 2760	2648	6e4139af8432476340c8bdeb9fa666d0N.exe	31
PID 2648 wrote to memory of 2760	2648	6e4139af8432476340c8bdeb9fa666d0N.exe	31
PID 2648 wrote to memory of 2760	2648	6e4139af8432476340c8bdeb9fa666d0N.exe	31
PID 2760 wrote to memory of 2696	2760	xxlxllf.exe	32
PID 2760 wrote to memory of 2696	2760	xxlxllf.exe	32
PID 2760 wrote to memory of 2696	2760	xxlxllf.exe	32
PID 2760 wrote to memory of 2696	2760	xxlxllf.exe	32
PID 2696 wrote to memory of 3040	2696	ddpdp.exe	33
PID 2696 wrote to memory of 3040	2696	ddpdp.exe	33
PID 2696 wrote to memory of 3040	2696	ddpdp.exe	33
PID 2696 wrote to memory of 3040	2696	ddpdp.exe	33
PID 3040 wrote to memory of 2840	3040	xrxxlrf.exe	34
PID 3040 wrote to memory of 2840	3040	xrxxlrf.exe	34
PID 3040 wrote to memory of 2840	3040	xrxxlrf.exe	34
PID 3040 wrote to memory of 2840	3040	xrxxlrf.exe	34
PID 2840 wrote to memory of 2580	2840	dvjpd.exe	35
PID 2840 wrote to memory of 2580	2840	dvjpd.exe	35
PID 2840 wrote to memory of 2580	2840	dvjpd.exe	35
PID 2840 wrote to memory of 2580	2840	dvjpd.exe	35
PID 2580 wrote to memory of 2552	2580	rlfxllx.exe	36
PID 2580 wrote to memory of 2552	2580	rlfxllx.exe	36
PID 2580 wrote to memory of 2552	2580	rlfxllx.exe	36
PID 2580 wrote to memory of 2552	2580	rlfxllx.exe	36
PID 2552 wrote to memory of 2964	2552	vvjvj.exe	37
PID 2552 wrote to memory of 2964	2552	vvjvj.exe	37
PID 2552 wrote to memory of 2964	2552	vvjvj.exe	37
PID 2552 wrote to memory of 2964	2552	vvjvj.exe	37
PID 2964 wrote to memory of 1476	2964	5nbhth.exe	38
PID 2964 wrote to memory of 1476	2964	5nbhth.exe	38
PID 2964 wrote to memory of 1476	2964	5nbhth.exe	38
PID 2964 wrote to memory of 1476	2964	5nbhth.exe	38
PID 1476 wrote to memory of 2944	1476	hbttnb.exe	39
PID 1476 wrote to memory of 2944	1476	hbttnb.exe	39
PID 1476 wrote to memory of 2944	1476	hbttnb.exe	39
PID 1476 wrote to memory of 2944	1476	hbttnb.exe	39
PID 2944 wrote to memory of 2364	2944	vpdjv.exe	40
PID 2944 wrote to memory of 2364	2944	vpdjv.exe	40
PID 2944 wrote to memory of 2364	2944	vpdjv.exe	40
PID 2944 wrote to memory of 2364	2944	vpdjv.exe	40
PID 2364 wrote to memory of 1904	2364	hhtnbh.exe	41
PID 2364 wrote to memory of 1904	2364	hhtnbh.exe	41
PID 2364 wrote to memory of 1904	2364	hhtnbh.exe	41
PID 2364 wrote to memory of 1904	2364	hhtnbh.exe	41
PID 1904 wrote to memory of 1268	1904	3llfxxx.exe	42
PID 1904 wrote to memory of 1268	1904	3llfxxx.exe	42
PID 1904 wrote to memory of 1268	1904	3llfxxx.exe	42
PID 1904 wrote to memory of 1268	1904	3llfxxx.exe	42
PID 1268 wrote to memory of 236	1268	bthntt.exe	43
PID 1268 wrote to memory of 236	1268	bthntt.exe	43
PID 1268 wrote to memory of 236	1268	bthntt.exe	43
PID 1268 wrote to memory of 236	1268	bthntt.exe	43
PID 236 wrote to memory of 2424	236	ddjpd.exe	44
PID 236 wrote to memory of 2424	236	ddjpd.exe	44
PID 236 wrote to memory of 2424	236	ddjpd.exe	44
PID 236 wrote to memory of 2424	236	ddjpd.exe	44
PID 2424 wrote to memory of 2828	2424	tnbhtt.exe	45
PID 2424 wrote to memory of 2828	2424	tnbhtt.exe	45
PID 2424 wrote to memory of 2828	2424	tnbhtt.exe	45
PID 2424 wrote to memory of 2828	2424	tnbhtt.exe	45
PID 2828 wrote to memory of 1624	2828	5vjvp.exe	46
PID 2828 wrote to memory of 1624	2828	5vjvp.exe	46
PID 2828 wrote to memory of 1624	2828	5vjvp.exe	46
PID 2828 wrote to memory of 1624	2828	5vjvp.exe	46

C:\Users\Admin\AppData\Local\Temp\6e4139af8432476340c8bdeb9fa666d0N.exe
"C:\Users\Admin\AppData\Local\Temp\6e4139af8432476340c8bdeb9fa666d0N.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2648
- \??\c:\xxlxllf.exe
  c:\xxlxllf.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:2760
- - \??\c:\ddpdp.exe
    c:\ddpdp.exe
    3⤵
    - Executes dropped EXE
    - Suspicious use of WriteProcessMemory
    PID:2696
  - - \??\c:\xrxxlrf.exe
      c:\xrxxlrf.exe
      4⤵
      Executes dropped EXE
      Suspicious use of WriteProcessMemory
      PID:3040
    - - \??\c:\dvjpd.exe
        
        c:\dvjpd.exe
        5⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2840
      - \??\c:\rlfxllx.exe
        
        c:\rlfxllx.exe
        6⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2580
        
        \??\c:\vvjvj.exe
        
        c:\vvjvj.exe
        7⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2552
        
        \??\c:\5nbhth.exe
        
        c:\5nbhth.exe
        8⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2964
        
        \??\c:\hbttnb.exe
        
        c:\hbttnb.exe
        9⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1476
        
        \??\c:\vpdjv.exe
        
        c:\vpdjv.exe
        10⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2944
        
        \??\c:\hhtnbh.exe
        
        c:\hhtnbh.exe
        11⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2364
        
        \??\c:\3llfxxx.exe
        
        c:\3llfxxx.exe
        12⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1904
        
        \??\c:\bthntt.exe
        
        c:\bthntt.exe
        13⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1268
        
        \??\c:\ddjpd.exe
        
        c:\ddjpd.exe
        14⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:236
        
        \??\c:\tnbhtt.exe
        
        c:\tnbhtt.exe
        15⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2424
        
        \??\c:\5vjvp.exe
        
        c:\5vjvp.exe
        16⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2828
        
        \??\c:\bbnbhn.exe
        
        c:\bbnbhn.exe
        17⤵
        Executes dropped EXE
        
        PID:1624
        
        \??\c:\jjdvj.exe
        
        c:\jjdvj.exe
        18⤵
        Executes dropped EXE
        
        PID:1748
        
        \??\c:\rffxxrf.exe
        
        c:\rffxxrf.exe
        19⤵
        Executes dropped EXE
        
        PID:2896
        
        \??\c:\vvppp.exe
        
        c:\vvppp.exe
        20⤵
        Executes dropped EXE
        
        PID:2232
        
        \??\c:\ffxrxxf.exe
        
        c:\ffxrxxf.exe
        21⤵
        Executes dropped EXE
        
        PID:3020
        
        \??\c:\pjvvd.exe
        
        c:\pjvvd.exe
        22⤵
        Executes dropped EXE
        
        PID:2916
        
        \??\c:\xrlxflr.exe
        
        c:\xrlxflr.exe
        23⤵
        Executes dropped EXE
        
        PID:1656
        
        \??\c:\nhtntb.exe
        
        c:\nhtntb.exe
        24⤵
        Executes dropped EXE
        
        PID:2008
        
        \??\c:\5xfflrf.exe
        
        c:\5xfflrf.exe
        25⤵
        Executes dropped EXE
        
        PID:2492
        
        \??\c:\hbnthn.exe
        
        c:\hbnthn.exe
        26⤵
        Executes dropped EXE
        
        PID:1040
        
        \??\c:\pjdpp.exe
        
        c:\pjdpp.exe
        27⤵
        Executes dropped EXE
        
        PID:1848
        
        \??\c:\3htbbb.exe
        
        c:\3htbbb.exe
        28⤵
        Executes dropped EXE
        
        PID:2508
        
        \??\c:\pppvv.exe
        
        c:\pppvv.exe
        29⤵
        Executes dropped EXE
        
        PID:2208
        
        \??\c:\5htttb.exe
        
        c:\5htttb.exe
        30⤵
        Executes dropped EXE
        
        PID:1000
        
        \??\c:\pvppd.exe
        
        c:\pvppd.exe
        31⤵
        Executes dropped EXE
        
        PID:1212
        
        \??\c:\lfxrxxf.exe
        
        c:\lfxrxxf.exe
        32⤵
        Executes dropped EXE
        
        PID:2692
        
        \??\c:\5pjpv.exe
        
        c:\5pjpv.exe
        33⤵
        Executes dropped EXE
        
        PID:1548
        
        \??\c:\lrlfrrx.exe
        
        c:\lrlfrrx.exe
        34⤵
        Executes dropped EXE
        
        PID:2800
        
        \??\c:\btnbnn.exe
        
        c:\btnbnn.exe
        35⤵
        Executes dropped EXE
        
        PID:2756
        
        \??\c:\tnbhbb.exe
        
        c:\tnbhbb.exe
        36⤵
        Executes dropped EXE
        
        PID:2704
        
        \??\c:\ddvpd.exe
        
        c:\ddvpd.exe
        37⤵
        Executes dropped EXE
        
        PID:2852
        
        \??\c:\1lxxffl.exe
        
        c:\1lxxffl.exe
        38⤵
        Executes dropped EXE
        
        PID:2840
        
        \??\c:\5htttt.exe
        
        c:\5htttt.exe
        39⤵
        Executes dropped EXE
        
        PID:2548
        
        \??\c:\jjppj.exe
        
        c:\jjppj.exe
        40⤵
        Executes dropped EXE
        
        PID:2604
        
        \??\c:\lrlrrrf.exe
        
        c:\lrlrrrf.exe
        41⤵
        Executes dropped EXE
        
        PID:2960
        
        \??\c:\9tttbb.exe
        
        c:\9tttbb.exe
        42⤵
        Executes dropped EXE
        
        PID:1712
        
        \??\c:\pjvjd.exe
        
        c:\pjvjd.exe
        43⤵
        Executes dropped EXE
        
        PID:1476
        
        \??\c:\jjdjv.exe
        
        c:\jjdjv.exe
        44⤵
        Executes dropped EXE
        
        PID:1264
        
        \??\c:\7lxflrx.exe
        
        c:\7lxflrx.exe
        45⤵
        Executes dropped EXE
        
        PID:2360
        
        \??\c:\tbtbnt.exe
        
        c:\tbtbnt.exe
        46⤵
        Executes dropped EXE
        
        PID:2388
        
        \??\c:\pjvvd.exe
        
        c:\pjvvd.exe
        47⤵
        Executes dropped EXE
        
        PID:1832
        
        \??\c:\5frxrxf.exe
        
        c:\5frxrxf.exe
        48⤵
        Executes dropped EXE
        
        PID:620
        
        \??\c:\5btbht.exe
        
        c:\5btbht.exe
        49⤵
        Executes dropped EXE
        
        PID:1248
        
        \??\c:\bbhnbb.exe
        
        c:\bbhnbb.exe
        50⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:584
        
        \??\c:\pvpdv.exe
        
        c:\pvpdv.exe
        51⤵
        Executes dropped EXE
        
        PID:1088
        
        \??\c:\xrxxflr.exe
        
        c:\xrxxflr.exe
        52⤵
        Executes dropped EXE
        
        PID:2720
        
        \??\c:\9bhtnt.exe
        
        c:\9bhtnt.exe
        53⤵
        Executes dropped EXE
        
        PID:796
        
        \??\c:\nnhthh.exe
        
        c:\nnhthh.exe
        54⤵
        Executes dropped EXE
        
        PID:696
        
        \??\c:\xrfxrxl.exe
        
        c:\xrfxrxl.exe
        55⤵
        Executes dropped EXE
        
        PID:1592
        
        \??\c:\xxrrffr.exe
        
        c:\xxrrffr.exe
        56⤵
        Executes dropped EXE
        
        PID:1400
        
        \??\c:\btntnt.exe
        
        c:\btntnt.exe
        57⤵
        Executes dropped EXE
        
        PID:3016
        
        \??\c:\vvpdp.exe
        
        c:\vvpdp.exe
        58⤵
        Executes dropped EXE
        
        PID:3036
        
        \??\c:\rrlrxxl.exe
        
        c:\rrlrxxl.exe
        59⤵
        Executes dropped EXE
        
        PID:1452
        
        \??\c:\hhhtth.exe
        
        c:\hhhtth.exe
        60⤵
        Executes dropped EXE
        
        PID:2464
        
        \??\c:\htnntt.exe
        
        c:\htnntt.exe
        61⤵
        Executes dropped EXE
        
        PID:2136
        
        \??\c:\pjppv.exe
        
        c:\pjppv.exe
        62⤵
        Executes dropped EXE
        
        PID:1656
        
        \??\c:\rxrxflx.exe
        
        c:\rxrxflx.exe
        63⤵
        Executes dropped EXE
        
        PID:2600
        
        \??\c:\tnttth.exe
        
        c:\tnttth.exe
        64⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1792
        
        \??\c:\dpjjv.exe
        
        c:\dpjjv.exe
        65⤵
        Executes dropped EXE
        
        PID:948
        
        \??\c:\7rrfrxx.exe
        
        c:\7rrfrxx.exe
        66⤵
        
        PID:2056
        
        \??\c:\5tttbb.exe
        
        c:\5tttbb.exe
        67⤵
        
        PID:1848
        
        \??\c:\7nbnnt.exe
        
        c:\7nbnnt.exe
        68⤵
        
        PID:2508
        
        \??\c:\vpjpv.exe
        
        c:\vpjpv.exe
        69⤵
        System Location Discovery: System Language Discovery
        
        PID:2728
        
        \??\c:\3xrlllr.exe
        
        c:\3xrlllr.exe
        70⤵
        
        PID:1784
        
        \??\c:\tnnbht.exe
        
        c:\tnnbht.exe
        71⤵
        
        PID:2160
        
        \??\c:\vjvvp.exe
        
        c:\vjvvp.exe
        72⤵
        
        PID:1580
        
        \??\c:\jvjjp.exe
        
        c:\jvjjp.exe
        73⤵
        
        PID:2764
        
        \??\c:\7xrxxfl.exe
        
        c:\7xrxxfl.exe
        74⤵
        
        PID:1548
        
        \??\c:\7tbhhh.exe
        
        c:\7tbhhh.exe
        75⤵
        
        PID:2888
        
        \??\c:\jjvdj.exe
        
        c:\jjvdj.exe
        76⤵
        
        PID:2736
        
        \??\c:\lfrrffl.exe
        
        c:\lfrrffl.exe
        77⤵
        
        PID:2560
        
        \??\c:\hhbntt.exe
        
        c:\hhbntt.exe
        78⤵
        
        PID:3004
        
        \??\c:\tnhhtt.exe
        
        c:\tnhhtt.exe
        79⤵
        
        PID:2528
        
        \??\c:\vpjpd.exe
        
        c:\vpjpd.exe
        80⤵
        
        PID:2576
        
        \??\c:\7lrlrrx.exe
        
        c:\7lrlrrx.exe
        81⤵
        
        PID:2712
        
        \??\c:\bbnntn.exe
        
        c:\bbnntn.exe
        82⤵
        
        PID:2040
        
        \??\c:\tnthht.exe
        
        c:\tnthht.exe
        83⤵
        
        PID:1888
        
        \??\c:\7jjpp.exe
        
        c:\7jjpp.exe
        84⤵
        
        PID:2380
        
        \??\c:\jdpvp.exe
        
        c:\jdpvp.exe
        85⤵
        
        PID:1264
        
        \??\c:\xrllxxr.exe
        
        c:\xrllxxr.exe
        86⤵
        
        PID:2372
        
        \??\c:\tbntbn.exe
        
        c:\tbntbn.exe
        87⤵
        
        PID:2388
        
        \??\c:\vvppv.exe
        
        c:\vvppv.exe
        88⤵
        
        PID:1280
        
        \??\c:\9jvvd.exe
        
        c:\9jvvd.exe
        89⤵
        
        PID:1828
        
        \??\c:\rlfflrl.exe
        
        c:\rlfflrl.exe
        90⤵
        
        PID:1096
        
        \??\c:\bthntb.exe
        
        c:\bthntb.exe
        91⤵
        
        PID:400
        
        \??\c:\nhbhhn.exe
        
        c:\nhbhhn.exe
        92⤵
        
        PID:2932
        
        \??\c:\pjjpv.exe
        
        c:\pjjpv.exe
        93⤵
        
        PID:2744
        
        \??\c:\ffxfllx.exe
        
        c:\ffxfllx.exe
        94⤵
        
        PID:1104
        
        \??\c:\rlflrxl.exe
        
        c:\rlflrxl.exe
        95⤵
        
        PID:2892
        
        \??\c:\5bnthb.exe
        
        c:\5bnthb.exe
        96⤵
        
        PID:1748
        
        \??\c:\dvdvj.exe
        
        c:\dvdvj.exe
        97⤵
        
        PID:2060
        
        \??\c:\xfrxlrf.exe
        
        c:\xfrxlrf.exe
        98⤵
        
        PID:2904
        
        \??\c:\xrrlrlx.exe
        
        c:\xrrlrlx.exe
        99⤵
        
        PID:2080
        
        \??\c:\hhtbtb.exe
        
        c:\hhtbtb.exe
        100⤵
        
        PID:868
        
        \??\c:\vvvdv.exe
        
        c:\vvvdv.exe
        101⤵
        
        PID:408
        
        \??\c:\3rfflrr.exe
        
        c:\3rfflrr.exe
        102⤵
        
        PID:952
        
        \??\c:\llxrxrf.exe
        
        c:\llxrxrf.exe
        103⤵
        
        PID:1656
        
        \??\c:\tthnbb.exe
        
        c:\tthnbb.exe
        104⤵
        
        PID:860
        
        \??\c:\5djjp.exe
        
        c:\5djjp.exe
        105⤵
        
        PID:1792
        
        \??\c:\7jvjp.exe
        
        c:\7jvjp.exe
        106⤵
        
        PID:2076
        
        \??\c:\rrllxxl.exe
        
        c:\rrllxxl.exe
        107⤵
        
        PID:1536
        
        \??\c:\bbtthn.exe
        
        c:\bbtthn.exe
        108⤵
        
        PID:2212
        
        \??\c:\nnhhtn.exe
        
        c:\nnhhtn.exe
        109⤵
        
        PID:1824
        
        \??\c:\ppddp.exe
        
        c:\ppddp.exe
        110⤵
        
        PID:1052
        
        \??\c:\3xrrxfr.exe
        
        c:\3xrrxfr.exe
        111⤵
        
        PID:1032
        
        \??\c:\tnhhnt.exe
        
        c:\tnhhnt.exe
        112⤵
        
        PID:816
        
        \??\c:\hhbnbh.exe
        
        c:\hhbnbh.exe
        113⤵
        
        PID:3052
        
        \??\c:\vpdjp.exe
        
        c:\vpdjp.exe
        114⤵
        
        PID:2668
        
        \??\c:\xrllrrl.exe
        
        c:\xrllrrl.exe
        115⤵
        
        PID:3048
        
        \??\c:\rlrxfrr.exe
        
        c:\rlrxfrr.exe
        116⤵
        
        PID:1548
        
        \??\c:\1ththt.exe
        
        c:\1ththt.exe
        117⤵
        
        PID:3040
        
        \??\c:\dvppd.exe
        
        c:\dvppd.exe
        118⤵
        
        PID:2848
        
        \??\c:\fxrrrrx.exe
        
        c:\fxrrrrx.exe
        119⤵
        
        PID:2560
        
        \??\c:\hbttht.exe
        
        c:\hbttht.exe
        120⤵
        
        PID:2532
        
        \??\c:\dvppd.exe
        
        c:\dvppd.exe
        121⤵
        
        PID:2240
        
        \??\c:\xrlrxlr.exe
        
        c:\xrlrxlr.exe
        122⤵
        
        PID:3008
        
        \??\c:\ttbhth.exe
        
        c:\ttbhth.exe
        123⤵
        
        PID:2572
        
        \??\c:\hbhnbn.exe
        
        c:\hbhnbn.exe
        124⤵
        
        PID:1900
        
        \??\c:\7jvpp.exe
        
        c:\7jvpp.exe
        125⤵
        
        PID:2944
        
        \??\c:\rlllrrr.exe
        
        c:\rlllrrr.exe
        126⤵
        
        PID:2168
        
        \??\c:\rlrfrrx.exe
        
        c:\rlrfrrx.exe
        127⤵
        
        PID:2360
        
        \??\c:\ttntbh.exe
        
        c:\ttntbh.exe
        128⤵
        
        PID:1500
        
        \??\c:\nntbbn.exe
        
        c:\nntbbn.exe
        129⤵
        
        PID:1532
        
        \??\c:\ddvpj.exe
        
        c:\ddvpj.exe
        130⤵
        
        PID:1508
        
        \??\c:\7rlrrfl.exe
        
        c:\7rlrrfl.exe
        131⤵
        
        PID:1248
        
        \??\c:\llxxlfl.exe
        
        c:\llxxlfl.exe
        132⤵
        
        PID:1860
        
        \??\c:\hbtbnt.exe
        
        c:\hbtbnt.exe
        133⤵
        
        PID:2084
        
        \??\c:\5pjvj.exe
        
        c:\5pjvj.exe
        134⤵
        
        PID:716
        
        \??\c:\jdvdj.exe
        
        c:\jdvdj.exe
        135⤵
        
        PID:740
        
        \??\c:\3frxxlr.exe
        
        c:\3frxxlr.exe
        136⤵
        
        PID:776
        
        \??\c:\hbbhtn.exe
        
        c:\hbbhtn.exe
        137⤵
        
        PID:2748
        
        \??\c:\tnbtbh.exe
        
        c:\tnbtbh.exe
        138⤵
        System Location Discovery: System Language Discovery
        
        PID:2148
        
        \??\c:\vvddj.exe
        
        c:\vvddj.exe
        139⤵
        
        PID:3016
        
        \??\c:\7fxrxfr.exe
        
        c:\7fxrxfr.exe
        140⤵
        
        PID:3020
        
        \??\c:\llrxllr.exe
        
        c:\llrxllr.exe
        141⤵
        
        PID:2916
        
        \??\c:\7htbhh.exe
        
        c:\7htbhh.exe
        142⤵
        
        PID:1136
        
        \??\c:\ppjjj.exe
        
        c:\ppjjj.exe
        143⤵
        
        PID:1092
        
        \??\c:\7djpj.exe
        
        c:\7djpj.exe
        144⤵
        
        PID:700
        
        \??\c:\frlfrxr.exe
        
        c:\frlfrxr.exe
        145⤵
        
        PID:1668
        
        \??\c:\nnhnbt.exe
        
        c:\nnhnbt.exe
        146⤵
        
        PID:2400
        
        \??\c:\bthntb.exe
        
        c:\bthntb.exe
        147⤵
        
        PID:1752
        
        \??\c:\dvppd.exe
        
        c:\dvppd.exe
        148⤵
        
        PID:1640
        
        \??\c:\3rflrff.exe
        
        c:\3rflrff.exe
        149⤵
        
        PID:2052
        
        \??\c:\7lfxlrf.exe
        
        c:\7lfxlrf.exe
        150⤵
        
        PID:2212
        
        \??\c:\tnbhtt.exe
        
        c:\tnbhtt.exe
        151⤵
        
        PID:1824
        
        \??\c:\7vdvj.exe
        
        c:\7vdvj.exe
        152⤵
        
        PID:1052
        
        \??\c:\5fffrrf.exe
        
        c:\5fffrrf.exe
        153⤵
        
        PID:1212
        
        \??\c:\lxrxxfl.exe
        
        c:\lxrxxfl.exe
        154⤵
        
        PID:816
        
        \??\c:\tntbtb.exe
        
        c:\tntbtb.exe
        155⤵
        
        PID:2812
        
        \??\c:\1thnhn.exe
        
        c:\1thnhn.exe
        156⤵
        
        PID:2816
        
        \??\c:\jdpvj.exe
        
        c:\jdpvj.exe
        157⤵
        
        PID:2888
        
        \??\c:\7xlxffl.exe
        
        c:\7xlxffl.exe
        158⤵
        
        PID:2708
        
        \??\c:\xrffrrx.exe
        
        c:\xrffrrx.exe
        159⤵
        
        PID:3040
        
        \??\c:\9tntbh.exe
        
        c:\9tntbh.exe
        160⤵
        
        PID:2840
        
        \??\c:\nhbhhh.exe
        
        c:\nhbhhh.exe
        161⤵
        
        PID:2544
        
        \??\c:\3vdvj.exe
        
        c:\3vdvj.exe
        162⤵
        
        PID:2576
        
        \??\c:\lxfxxfr.exe
        
        c:\lxfxxfr.exe
        163⤵
        
        PID:2240
        
        \??\c:\nnbntn.exe
        
        c:\nnbntn.exe
        164⤵
        
        PID:2960
        
        \??\c:\5ntnhb.exe
        
        c:\5ntnhb.exe
        165⤵
        
        PID:2572
        
        \??\c:\dvjjj.exe
        
        c:\dvjjj.exe
        166⤵
        
        PID:1900
        
        \??\c:\jjjvd.exe
        
        c:\jjjvd.exe
        167⤵
        
        PID:2116
        
        \??\c:\fxffffr.exe
        
        c:\fxffffr.exe
        168⤵
        
        PID:2168
        
        \??\c:\bnttbt.exe
        
        c:\bnttbt.exe
        169⤵
        
        PID:2264
        
        \??\c:\9bnhnn.exe
        
        c:\9bnhnn.exe
        170⤵
        
        PID:2388
        
        \??\c:\dpvvj.exe
        
        c:\dpvvj.exe
        171⤵
        
        PID:1620
        
        \??\c:\fxlrrff.exe
        
        c:\fxlrrff.exe
        172⤵
        
        PID:1820
        
        \??\c:\rlxfxfl.exe
        
        c:\rlxfxfl.exe
        173⤵
        
        PID:584
        
        \??\c:\9nnttt.exe
        
        c:\9nnttt.exe
        174⤵
        
        PID:400
        
        \??\c:\9pdjp.exe
        
        c:\9pdjp.exe
        175⤵
        
        PID:668
        
        \??\c:\ddpjj.exe
        
        c:\ddpjj.exe
        176⤵
        
        PID:580
        
        \??\c:\3xrfffl.exe
        
        c:\3xrfffl.exe
        177⤵
        
        PID:1104
        
        \??\c:\bbtthn.exe
        
        c:\bbtthn.exe
        178⤵
        
        PID:356
        
        \??\c:\tbtthn.exe
        
        c:\tbtthn.exe
        179⤵
        
        PID:1748
        
        \??\c:\jdppj.exe
        
        c:\jdppj.exe
        180⤵
        
        PID:3056
        
        \??\c:\pjddp.exe
        
        c:\pjddp.exe
        181⤵
        
        PID:3000
        
        \??\c:\fflxllr.exe
        
        c:\fflxllr.exe
        182⤵
        
        PID:3036
        
        \??\c:\5bntbb.exe
        
        c:\5bntbb.exe
        183⤵
        
        PID:1736
        
        \??\c:\jdpvp.exe
        
        c:\jdpvp.exe
        184⤵
        
        PID:1344
        
        \??\c:\9pddv.exe
        
        c:\9pddv.exe
        185⤵
        
        PID:2504
        
        \??\c:\xffflrr.exe
        
        c:\xffflrr.exe
        186⤵
        
        PID:2492
        
        \??\c:\tntttb.exe
        
        c:\tntttb.exe
        187⤵
        
        PID:860
        
        \??\c:\9ttthn.exe
        
        c:\9ttthn.exe
        188⤵
        
        PID:1300
        
        \??\c:\ddvjv.exe
        
        c:\ddvjv.exe
        189⤵
        
        PID:2076
        
        \??\c:\9rffrrx.exe
        
        c:\9rffrrx.exe
        190⤵
        
        PID:2056
        
        \??\c:\xrlrrfr.exe
        
        c:\xrlrrfr.exe
        191⤵
        
        PID:2368
        
        \??\c:\7ntntt.exe
        
        c:\7ntntt.exe
        192⤵
        
        PID:1816
        
        \??\c:\1pddp.exe
        
        c:\1pddp.exe
        193⤵
        
        PID:1996
        
        \??\c:\pppdj.exe
        
        c:\pppdj.exe
        194⤵
        System Location Discovery: System Language Discovery
        
        PID:1784
        
        \??\c:\rlllxxl.exe
        
        c:\rlllxxl.exe
        195⤵
        
        PID:2180
        
        \??\c:\bnbhnn.exe
        
        c:\bnbhnn.exe
        196⤵
        
        PID:2672
        
        \??\c:\9nbhbb.exe
        
        c:\9nbhbb.exe
        197⤵
        
        PID:2668
        
        \??\c:\vvpdv.exe
        
        c:\vvpdv.exe
        198⤵
        
        PID:2568
        
        \??\c:\1flllxf.exe
        
        c:\1flllxf.exe
        199⤵
        
        PID:2656
        
        \??\c:\rlxrrxl.exe
        
        c:\rlxrrxl.exe
        200⤵
        
        PID:2752
        
        \??\c:\nhbhnt.exe
        
        c:\nhbhnt.exe
        201⤵
        
        PID:1068
        
        \??\c:\pjppv.exe
        
        c:\pjppv.exe
        202⤵
        
        PID:2660
        
        \??\c:\9jddj.exe
        
        c:\9jddj.exe
        203⤵
        
        PID:2532
        
        \??\c:\rrxlrfr.exe
        
        c:\rrxlrfr.exe
        204⤵
        
        PID:2352
        
        \??\c:\7nbhnn.exe
        
        c:\7nbhnn.exe
        205⤵
        
        PID:2964
        
        \??\c:\btnntb.exe
        
        c:\btnntb.exe
        206⤵
        
        PID:1896
        
        \??\c:\vpjvd.exe
        
        c:\vpjvd.exe
        207⤵
        
        PID:1888
        
        \??\c:\xlrlfxf.exe
        
        c:\xlrlfxf.exe
        208⤵
        
        PID:2380
        
        \??\c:\5ntttn.exe
        
        c:\5ntttn.exe
        209⤵
        
        PID:2520
        
        \??\c:\9tthnt.exe
        
        c:\9tthnt.exe
        210⤵
        
        PID:2404
        
        \??\c:\5pdvj.exe
        
        c:\5pdvj.exe
        211⤵
        
        PID:1844
        
        \??\c:\1djpp.exe
        
        c:\1djpp.exe
        212⤵
        
        PID:1904
        
        \??\c:\xrxxflr.exe
        
        c:\xrxxflr.exe
        213⤵
        
        PID:896
        
        \??\c:\tntntt.exe
        
        c:\tntntt.exe
        214⤵
        
        PID:1836
        
        \??\c:\dvjpv.exe
        
        c:\dvjpv.exe
        215⤵
        
        PID:1088
        
        \??\c:\3djjj.exe
        
        c:\3djjj.exe
        216⤵
        
        PID:2340
        
        \??\c:\9frrxfl.exe
        
        c:\9frrxfl.exe
        217⤵
        
        PID:2120
        
        \??\c:\9lflrxf.exe
        
        c:\9lflrxf.exe
        218⤵
        
        PID:1664
        
        \??\c:\9tbbnn.exe
        
        c:\9tbbnn.exe
        219⤵
        
        PID:2512
        
        \??\c:\pdjdj.exe
        
        c:\pdjdj.exe
        220⤵
        
        PID:2900
        
        \??\c:\pdpvd.exe
        
        c:\pdpvd.exe
        221⤵
        
        PID:356
        
        \??\c:\fllxlxr.exe
        
        c:\fllxlxr.exe
        222⤵
        
        PID:1748
        
        \??\c:\1ttbnb.exe
        
        c:\1ttbnb.exe
        223⤵
        
        PID:2904
        
        \??\c:\tntbbb.exe
        
        c:\tntbbb.exe
        224⤵
        
        PID:1028
        
        \??\c:\dvjdd.exe
        
        c:\dvjdd.exe
        225⤵
        
        PID:2112
        
        \??\c:\fxlffxf.exe
        
        c:\fxlffxf.exe
        226⤵
        
        PID:408
        
        \??\c:\xlrfffr.exe
        
        c:\xlrfffr.exe
        227⤵
        
        PID:1136
        
        \??\c:\5tnbnn.exe
        
        c:\5tnbnn.exe
        228⤵
        
        PID:1656
        
        \??\c:\jjddp.exe
        
        c:\jjddp.exe
        229⤵
        
        PID:1632
        
        \??\c:\ddvvj.exe
        
        c:\ddvvj.exe
        230⤵
        
        PID:1668
        
        \??\c:\7xxxffl.exe
        
        c:\7xxxffl.exe
        231⤵
        
        PID:1604
        
        \??\c:\btbbhh.exe
        
        c:\btbbhh.exe
        232⤵
        
        PID:2412
        
        \??\c:\9tntbh.exe
        
        c:\9tntbh.exe
        233⤵
        
        PID:1848
        
        \??\c:\jjdjv.exe
        
        c:\jjdjv.exe
        234⤵
        
        PID:1536
        
        \??\c:\vppvj.exe
        
        c:\vppvj.exe
        235⤵
        
        PID:2184
        
        \??\c:\lxrlfxx.exe
        
        c:\lxrlfxx.exe
        236⤵
        
        PID:2208
        
        \??\c:\bttbbh.exe
        
        c:\bttbbh.exe
        237⤵
        
        PID:1448
        
        \??\c:\dvjjp.exe
        
        c:\dvjjp.exe
        238⤵
        
        PID:1688
        
        \??\c:\pppvp.exe
        
        c:\pppvp.exe
        239⤵
        
        PID:1584
        
        \??\c:\rlffflx.exe
        
        c:\rlffflx.exe
        240⤵
        
        PID:2768
        
        \??\c:\1xllxlr.exe
        
        c:\1xllxlr.exe
        241⤵
        
        PID:2696
        
        \??\c:\nhtbtb.exe
        
        c:\nhtbtb.exe
        242⤵
        
        PID:2872
        
        \??\c:\vvdpv.exe
        
        c:\vvdpv.exe
        243⤵
        
        PID:2736
        
        \??\c:\pjvdj.exe
        
        c:\pjvdj.exe
        244⤵
        
        PID:2640
        
        \??\c:\3xfrxxx.exe
        
        c:\3xfrxxx.exe
        245⤵
        
        PID:2332
        
        \??\c:\xrxfllr.exe
        
        c:\xrxfllr.exe
        246⤵
        
        PID:2612
        
        \??\c:\hhhhbt.exe
        
        c:\hhhhbt.exe
        247⤵
        
        PID:2544
        
        \??\c:\pjpjj.exe
        
        c:\pjpjj.exe
        248⤵
        
        PID:1116
        
        \??\c:\llffxxl.exe
        
        c:\llffxxl.exe
        249⤵
        
        PID:2240
        
        \??\c:\xrxrrlr.exe
        
        c:\xrxrrlr.exe
        250⤵
        
        PID:2796
        
        \??\c:\tnbntt.exe
        
        c:\tnbntt.exe
        251⤵
        
        PID:1880
        
        \??\c:\3pvjj.exe
        
        c:\3pvjj.exe
        252⤵
        
        PID:1900
        
        \??\c:\dvjpp.exe
        
        c:\dvjpp.exe
        253⤵
        
        PID:376
        
        \??\c:\5xflfff.exe
        
        c:\5xflfff.exe
        254⤵
        
        PID:2168
        
        \??\c:\nhbbhn.exe
        
        c:\nhbbhn.exe
        255⤵
        
        PID:808
        
        \??\c:\bthhnb.exe
        
        c:\bthhnb.exe
        256⤵
        
        PID:1532
        
        \??\c:\3pvpv.exe
        
        c:\3pvpv.exe
        257⤵
        
        PID:1332
        
        \??\c:\xrfffff.exe
        
        c:\xrfffff.exe
        258⤵
        
        PID:2860
        
        \??\c:\5lfflff.exe
        
        c:\5lfflff.exe
        259⤵
        
        PID:1508
        
        \??\c:\nbntbn.exe
        
        c:\nbntbn.exe
        260⤵
        
        PID:1088
        
        \??\c:\jdppv.exe
        
        c:\jdppv.exe
        261⤵
        
        PID:2744
        
        \??\c:\jdvvd.exe
        
        c:\jdvvd.exe
        262⤵
        
        PID:716
        
        \??\c:\llxxflr.exe
        
        c:\llxxflr.exe
        263⤵
        
        PID:740
        
        \??\c:\bthhnb.exe
        
        c:\bthhnb.exe
        264⤵
        
        PID:2512
        
        \??\c:\9vvdj.exe
        
        c:\9vvdj.exe
        265⤵
        
        PID:2192
        
        \??\c:\jvddv.exe
        
        c:\jvddv.exe
        266⤵
        
        PID:356
        
        \??\c:\1lflrxr.exe
        
        c:\1lflrxr.exe
        267⤵
        System Location Discovery: System Language Discovery
        
        PID:1992
        
        \??\c:\3nhnbb.exe
        
        c:\3nhnbb.exe
        268⤵
        
        PID:2904
        
        \??\c:\pjppd.exe
        
        c:\pjppd.exe
        269⤵
        
        PID:1028
        
        \??\c:\vddjv.exe
        
        c:\vddjv.exe
        270⤵
        
        PID:2376
        
        \??\c:\fxlrfrf.exe
        
        c:\fxlrfrf.exe
        271⤵
        
        PID:1344
        
        \??\c:\3nhnbh.exe
        
        c:\3nhnbh.exe
        272⤵
        
        PID:2600
        
        \??\c:\7bnbbb.exe
        
        c:\7bnbbb.exe
        273⤵
        
        PID:2492
        
        \??\c:\vpvpj.exe
        
        c:\vpvpj.exe
        274⤵
        
        PID:832
        
        \??\c:\xrffllr.exe
        
        c:\xrffllr.exe
        275⤵
        
        PID:2992
        
        \??\c:\xrrrfxx.exe
        
        c:\xrrrfxx.exe
        276⤵
        
        PID:2076
        
        \??\c:\bthhbb.exe
        
        c:\bthhbb.exe
        277⤵
        
        PID:2016
        
        \??\c:\vjvvj.exe
        
        c:\vjvvj.exe
        278⤵
        
        PID:2292
        
        \??\c:\dpvdj.exe
        
        c:\dpvdj.exe
        279⤵
        
        PID:684
        
        \??\c:\rxxrxlf.exe
        
        c:\rxxrxlf.exe
        280⤵
        
        PID:2784
        
        \??\c:\jjdjv.exe
        
        c:\jjdjv.exe
        281⤵
        
        PID:3028
        
        \??\c:\rffxrrr.exe
        
        c:\rffxrrr.exe
        282⤵
        
        PID:1580
        
        \??\c:\1xlxflx.exe
        
        c:\1xlxflx.exe
        283⤵
        
        PID:2180
        
        \??\c:\bthhnh.exe
        
        c:\bthhnh.exe
        284⤵
        
        PID:2664
        
        \??\c:\dvjjd.exe
        
        c:\dvjjd.exe
        285⤵
        
        PID:2204
        
        \??\c:\1jvpd.exe
        
        c:\1jvpd.exe
        286⤵
        
        PID:2824
        
        \??\c:\rlxxffr.exe
        
        c:\rlxxffr.exe
        287⤵
        
        PID:2724
        
        \??\c:\fxllrrx.exe
        
        c:\fxllrrx.exe
        288⤵
        
        PID:2708
        
        \??\c:\nhntbh.exe
        
        c:\nhntbh.exe
        289⤵
        
        PID:3004
        
        \??\c:\1djdd.exe
        
        c:\1djdd.exe
        290⤵
        
        PID:2852
        
        \??\c:\dvjdd.exe
        
        c:\dvjdd.exe
        291⤵
        
        PID:2984
        
        \??\c:\xfllrrx.exe
        
        c:\xfllrrx.exe
        292⤵
        
        PID:2496
        
        \??\c:\frxrrrx.exe
        
        c:\frxrrrx.exe
        293⤵
        
        PID:1760
        
        \??\c:\nhttnn.exe
        
        c:\nhttnn.exe
        294⤵
        
        PID:2476
        
        \??\c:\vpjpv.exe
        
        c:\vpjpv.exe
        295⤵
        
        PID:2968
        
        \??\c:\jdpjp.exe
        
        c:\jdpjp.exe
        296⤵
        
        PID:1880
        
        \??\c:\xflxrlx.exe
        
        c:\xflxrlx.exe
        297⤵
        
        PID:1204
        
        \??\c:\tnbhnn.exe
        
        c:\tnbhnn.exe
        298⤵
        
        PID:2372
        
        \??\c:\btbhhh.exe
        
        c:\btbhhh.exe
        299⤵
        
        PID:1832
        
        \??\c:\dvjdj.exe
        
        c:\dvjdj.exe
        300⤵
        
        PID:1500
        
        \??\c:\lxlllfl.exe
        
        c:\lxlllfl.exe
        301⤵
        
        PID:1904
        
        \??\c:\xrrlfxf.exe
        
        c:\xrrlfxf.exe
        302⤵
        
        PID:1776
        
        \??\c:\3thntt.exe
        
        c:\3thntt.exe
        303⤵
        
        PID:1372
        
        \??\c:\dvjvj.exe
        
        c:\dvjvj.exe
        304⤵
        
        PID:1508
        
        \??\c:\1dvdv.exe
        
        c:\1dvdv.exe
        305⤵
        
        PID:1624
        
        \??\c:\rlflxlr.exe
        
        c:\rlflxlr.exe
        306⤵
        
        PID:2744
        
        \??\c:\rxxlxlx.exe
        
        c:\rxxlxlx.exe
        307⤵
        
        PID:716
        
        \??\c:\nhtbnn.exe
        
        c:\nhtbnn.exe
        308⤵
        
        PID:740
        
        \??\c:\vpvvd.exe
        
        c:\vpvvd.exe
        309⤵
        
        PID:2512
        
        \??\c:\3fxxxrx.exe
        
        c:\3fxxxrx.exe
        310⤵
        
        PID:2192
        
        \??\c:\9llffxx.exe
        
        c:\9llffxx.exe
        311⤵
        
        PID:916
        
        \??\c:\nbnhnn.exe
        
        c:\nbnhnn.exe
        312⤵
        
        PID:3020
        
        \??\c:\dvddd.exe
        
        c:\dvddd.exe
        313⤵
        
        PID:3024
        
        \??\c:\5pjdp.exe
        
        c:\5pjdp.exe
        314⤵
        
        PID:2188
        
        \??\c:\lxlllrx.exe
        
        c:\lxlllrx.exe
        315⤵
        
        PID:1680
        
        \??\c:\1fxlflr.exe
        
        c:\1fxlflr.exe
        316⤵
        
        PID:1224
        
        \??\c:\3nhbtt.exe
        
        c:\3nhbtt.exe
        317⤵
        
        PID:2608
        
        \??\c:\vpjpd.exe
        
        c:\vpjpd.exe
        318⤵
        
        PID:2948
        
        \??\c:\1jvvv.exe
        
        c:\1jvvv.exe
        319⤵
        
        PID:1708
        
        \??\c:\9frrxxf.exe
        
        c:\9frrxxf.exe
        320⤵
        
        PID:2880
        
        \??\c:\nbtnth.exe
        
        c:\nbtnth.exe
        321⤵
        
        PID:1036
        
        \??\c:\dvjpd.exe
        
        c:\dvjpd.exe
        322⤵
        
        PID:2728
        
        \??\c:\vpjvp.exe
        
        c:\vpjvp.exe
        323⤵
        
        PID:1876
        
        \??\c:\xlxrfxl.exe
        
        c:\xlxrfxl.exe
        324⤵
        
        PID:2144
        
        \??\c:\1ntnnn.exe
        
        c:\1ntnnn.exe
        325⤵
        
        PID:2356
        
        \??\c:\nhbhnt.exe
        
        c:\nhbhnt.exe
        326⤵
        
        PID:3052
        
        \??\c:\dpddd.exe
        
        c:\dpddd.exe
        327⤵
        
        PID:2776
        
        \??\c:\rlxfffr.exe
        
        c:\rlxfffr.exe
        328⤵
        
        PID:2180
        
        \??\c:\rlxfxfr.exe
        
        c:\rlxfxfr.exe
        329⤵
        
        PID:2692
        
        \??\c:\nnhnbh.exe
        
        c:\nnhnbh.exe
        330⤵
        
        PID:2876
        
        \??\c:\btbttt.exe
        
        c:\btbttt.exe
        331⤵
        
        PID:2656
        
        \??\c:\3dvdj.exe
        
        c:\3dvdj.exe
        332⤵
        
        PID:2592
        
        \??\c:\fxlrflf.exe
        
        c:\fxlrflf.exe
        333⤵
        
        PID:3040
        
        \??\c:\llfffxl.exe
        
        c:\llfffxl.exe
        334⤵
        
        PID:2580
        
        \??\c:\hthbhh.exe
        
        c:\hthbhh.exe
        335⤵
        
        PID:2564
        
        \??\c:\dvpvd.exe
        
        c:\dvpvd.exe
        336⤵
        
        PID:2428
        
        \??\c:\pjvvj.exe
        
        c:\pjvvj.exe
        337⤵
        
        PID:3008
        
        \??\c:\3flllrf.exe
        
        c:\3flllrf.exe
        338⤵
        System Location Discovery: System Language Discovery
        
        PID:2572
        
        \??\c:\xfxxxff.exe
        
        c:\xfxxxff.exe
        339⤵
        
        PID:2096
        
        \??\c:\tntbbh.exe
        
        c:\tntbbh.exe
        340⤵
        
        PID:2944
        
        \??\c:\dvdjj.exe
        
        c:\dvdjj.exe
        341⤵
        
        PID:2128
        
        \??\c:\rlrfxxr.exe
        
        c:\rlrfxxr.exe
        342⤵
        
        PID:1396
        
        \??\c:\frxxlxf.exe
        
        c:\frxxlxf.exe
        343⤵
        
        PID:1812
        
        \??\c:\hbnbhb.exe
        
        c:\hbnbhb.exe
        344⤵
        
        PID:1832
        
        \??\c:\pjdpv.exe
        
        c:\pjdpv.exe
        345⤵
        
        PID:236
        
        \??\c:\jjddj.exe
        
        c:\jjddj.exe
        346⤵
        
        PID:1096
        
        \??\c:\rlrrxll.exe
        
        c:\rlrrxll.exe
        347⤵
        
        PID:2720
        
        \??\c:\tnbbhh.exe
        
        c:\tnbbhh.exe
        348⤵
        
        PID:1372
        
        \??\c:\tnhttt.exe
        
        c:\tnhttt.exe
        349⤵
        
        PID:1796
        
        \??\c:\9vpvj.exe
        
        c:\9vpvj.exe
        350⤵
        
        PID:1624
        
        \??\c:\dvpjd.exe
        
        c:\dvpjd.exe
        351⤵
        
        PID:2252
        
        \??\c:\rrfllxr.exe
        
        c:\rrfllxr.exe
        352⤵
        
        PID:716
        
        \??\c:\btnnbt.exe
        
        c:\btnnbt.exe
        353⤵
        
        PID:740
        
        \??\c:\5hbhnb.exe
        
        c:\5hbhnb.exe
        354⤵
        
        PID:2060
        
        \??\c:\7vvdj.exe
        
        c:\7vvdj.exe
        355⤵
        
        PID:1628
        
        \??\c:\fxffllr.exe
        
        c:\fxffllr.exe
        356⤵
        
        PID:3000
        
        \??\c:\xrxfllf.exe
        
        c:\xrxfllf.exe
        357⤵
        
        PID:1608
        
        \??\c:\7ntthh.exe
        
        c:\7ntthh.exe
        358⤵
        
        PID:3024
        
        \??\c:\dpddp.exe
        
        c:\dpddp.exe
        359⤵
        
        PID:2136
        
        \??\c:\jdvdp.exe
        
        c:\jdvdp.exe
        360⤵
        
        PID:700
        
        \??\c:\lfrflrf.exe
        
        c:\lfrflrf.exe
        361⤵
        
        PID:320
        
        \??\c:\5btttt.exe
        
        c:\5btttt.exe
        362⤵
        
        PID:1668
        
        \??\c:\3nbbhh.exe
        
        c:\3nbbhh.exe
        363⤵
        
        PID:1692
        
        \??\c:\5vvvd.exe
        
        c:\5vvvd.exe
        364⤵
        
        PID:1752
        
        \??\c:\jdvvd.exe
        
        c:\jdvvd.exe
        365⤵
        
        PID:2172
        
        \??\c:\3frfrxl.exe
        
        c:\3frfrxl.exe
        366⤵
        
        PID:2468
        
        \??\c:\9thhtn.exe
        
        c:\9thhtn.exe
        367⤵
        
        PID:2368
        
        \??\c:\tnttht.exe
        
        c:\tnttht.exe
        368⤵
        
        PID:2208
        
        \??\c:\3djpj.exe
        
        c:\3djpj.exe
        369⤵
        
        PID:1448
        
        \??\c:\vpdjp.exe
        
        c:\vpdjp.exe
        370⤵
        System Location Discovery: System Language Discovery
        
        PID:1576
        
        \??\c:\7xxrfrx.exe
        
        c:\7xxrfrx.exe
        371⤵
        
        PID:1584
        
        \??\c:\bnhnnn.exe
        
        c:\bnhnnn.exe
        372⤵
        
        PID:2776
        
        \??\c:\1nttbh.exe
        
        c:\1nttbh.exe
        373⤵
        
        PID:2540
        
        \??\c:\ppjpd.exe
        
        c:\ppjpd.exe
        374⤵
        
        PID:2568
        
        \??\c:\fxrxxfl.exe
        
        c:\fxrxxfl.exe
        375⤵
        
        PID:2736
        
        \??\c:\ffrxffl.exe
        
        c:\ffrxffl.exe
        376⤵
        
        PID:2656
        
        \??\c:\7btthh.exe
        
        c:\7btthh.exe
        377⤵
        
        PID:2732
        
        \??\c:\jjvdd.exe
        
        c:\jjvdd.exe
        378⤵
        
        PID:2528
        
        \??\c:\1jjjp.exe
        
        c:\1jjjp.exe
        379⤵
        
        PID:2980
        
        \??\c:\rlflrlx.exe
        
        c:\rlflrlx.exe
        380⤵
        
        PID:1116
        
        \??\c:\xrrxlrf.exe
        
        c:\xrrxlrf.exe
        381⤵
        
        PID:2040
        
        \??\c:\5nbhnt.exe
        
        c:\5nbhnt.exe
        382⤵
        
        PID:1476
        
        \??\c:\dpvdj.exe
        
        c:\dpvdj.exe
        383⤵
        
        PID:1264
        
        \??\c:\9rlrxfl.exe
        
        c:\9rlrxfl.exe
        384⤵
        
        PID:2096
        
        \??\c:\ffllfff.exe
        
        c:\ffllfff.exe
        385⤵
        
        PID:2132
        
        \??\c:\hbnnbn.exe
        
        c:\hbnnbn.exe
        386⤵
        
        PID:2128
        
        \??\c:\1tntbh.exe
        
        c:\1tntbh.exe
        387⤵
        
        PID:1396
        
        \??\c:\dvpvj.exe
        
        c:\dvpvj.exe
        388⤵
        
        PID:1812
        
        \??\c:\5lrrxxf.exe
        
        c:\5lrrxxf.exe
        389⤵
        
        PID:896
        
        \??\c:\xxrlxxx.exe
        
        c:\xxrlxxx.exe
        390⤵
        
        PID:236
        
        \??\c:\ttnnbh.exe
        
        c:\ttnnbh.exe
        391⤵
        
        PID:1348
        
        \??\c:\5jvvd.exe
        
        c:\5jvvd.exe
        392⤵
        
        PID:2720
        
        \??\c:\dvppp.exe
        
        c:\dvppp.exe
        393⤵
        
        PID:2932
        
        \??\c:\1frrrxx.exe
        
        c:\1frrrxx.exe
        394⤵
        
        PID:1796
        
        \??\c:\lfllxxf.exe
        
        c:\lfllxxf.exe
        395⤵
        
        PID:1664
        
        \??\c:\nnbtnb.exe
        
        c:\nnbtnb.exe
        396⤵
        
        PID:1400
        
        \??\c:\ddvvj.exe
        
        c:\ddvvj.exe
        397⤵
        
        PID:3060
        
        \??\c:\vpjjd.exe
        
        c:\vpjjd.exe
        398⤵
        
        PID:2152
        
        \??\c:\3rrxxxf.exe
        
        c:\3rrxxxf.exe
        399⤵
        
        PID:2060
        
        \??\c:\3nbbbb.exe
        
        c:\3nbbbb.exe
        400⤵
        
        PID:2236
        
        \??\c:\hbnnnn.exe
        
        c:\hbnnnn.exe
        401⤵
        
        PID:1504
        
        \??\c:\5jvvd.exe
        
        c:\5jvvd.exe
        402⤵
        
        PID:2112
        
        \??\c:\xxffrxl.exe
        
        c:\xxffrxl.exe
        403⤵
        
        PID:3024
        
        \??\c:\9rlfxfr.exe
        
        c:\9rlfxfr.exe
        404⤵
        
        PID:2188
        
        \??\c:\btttnn.exe
        
        c:\btttnn.exe
        405⤵
        
        PID:988
        
        \??\c:\9tnhhb.exe
        
        c:\9tnhhb.exe
        406⤵
        
        PID:1632
        
        \??\c:\jjdjv.exe
        
        c:\jjdjv.exe
        407⤵
        
        PID:1668
        
        \??\c:\llrxllx.exe
        
        c:\llrxllx.exe
        408⤵
        
        PID:932
        
        \??\c:\xxrrlrf.exe
        
        c:\xxrrlrf.exe
        409⤵
        
        PID:2432
        
        \??\c:\nhbnbn.exe
        
        c:\nhbnbn.exe
        410⤵
        
        PID:1848
        
        \??\c:\3vpdj.exe
        
        c:\3vpdj.exe
        411⤵
        
        PID:2212
        
        \??\c:\lfxlxxl.exe
        
        c:\lfxlxxl.exe
        412⤵
        
        PID:2368
        
        \??\c:\xlxflrr.exe
        
        c:\xlxflrr.exe
        413⤵
        
        PID:1000
        
        \??\c:\tnhbht.exe
        
        c:\tnhbht.exe
        414⤵
        
        PID:1052
        
        \??\c:\9jjvd.exe
        
        c:\9jjvd.exe
        415⤵
        
        PID:1576
        
        \??\c:\1vppv.exe
        
        c:\1vppv.exe
        416⤵
        
        PID:2672
        
        \??\c:\fxlfffl.exe
        
        c:\fxlfffl.exe
        417⤵
        
        PID:3048
        
        \??\c:\lllrxxf.exe
        
        c:\lllrxxf.exe
        418⤵
        
        PID:2756
        
        \??\c:\htnntt.exe
        
        c:\htnntt.exe
        419⤵
        
        PID:2568
        
        \??\c:\dpdjp.exe
        
        c:\dpdjp.exe
        420⤵
        
        PID:2588
        
        \??\c:\vjdpd.exe
        
        c:\vjdpd.exe
        421⤵
        
        PID:2656
        
        \??\c:\rlxxllr.exe
        
        c:\rlxxllr.exe
        422⤵
        
        PID:2332
        
        \??\c:\hthbnn.exe
        
        c:\hthbnn.exe
        423⤵
        
        PID:2528
        
        \??\c:\bttbhn.exe
        
        c:\bttbhn.exe
        424⤵
        
        PID:2544
        
        \??\c:\pjvvd.exe
        
        c:\pjvvd.exe
        425⤵
        
        PID:1672
        
        \??\c:\llfffff.exe
        
        c:\llfffff.exe
        426⤵
        
        PID:2240
        
        \??\c:\7llrffr.exe
        
        c:\7llrffr.exe
        427⤵
        
        PID:1476
        
        \??\c:\nnhtnn.exe
        
        c:\nnhtnn.exe
        428⤵
        
        PID:1896
        
        \??\c:\vvdpj.exe
        
        c:\vvdpj.exe
        429⤵
        
        PID:2096
        
        \??\c:\dvjjj.exe
        
        c:\dvjjj.exe
        430⤵
        
        PID:2316
        
        \??\c:\3flfrrx.exe
        
        c:\3flfrrx.exe
        431⤵
        
        PID:2360
        
        \??\c:\fxllrlr.exe
        
        c:\fxllrlr.exe
        432⤵
        
        PID:808
        
        \??\c:\nnbhbb.exe
        
        c:\nnbhbb.exe
        433⤵
        
        PID:1532
        
        \??\c:\nhbhbh.exe
        
        c:\nhbhbh.exe
        434⤵
        
        PID:2108
        
        \??\c:\5jvpv.exe
        
        c:\5jvpv.exe
        435⤵
        
        PID:2836
        
        \??\c:\3lfxxxl.exe
        
        c:\3lfxxxl.exe
        436⤵
        
        PID:1092
        
        \??\c:\5rflrrx.exe
        
        c:\5rflrrx.exe
        437⤵
        
        PID:1088
        
        \??\c:\3bntbh.exe
        
        c:\3bntbh.exe
        438⤵
        
        PID:980
        
        \??\c:\9bnhtt.exe
        
        c:\9bnhtt.exe
        439⤵
        
        PID:2680
        
        \??\c:\vpppp.exe
        
        c:\vpppp.exe
        440⤵
        
        PID:2252
        
        \??\c:\jdvjv.exe
        
        c:\jdvjv.exe
        441⤵
        
        PID:716
        
        \??\c:\lxrrffl.exe
        
        c:\lxrrffl.exe
        442⤵
        
        PID:2896
        
        \??\c:\nbnhnh.exe
        
        c:\nbnhnh.exe
        443⤵
        
        PID:2152
        
        \??\c:\nbhbhh.exe
        
        c:\nbhbhh.exe
        444⤵
        
        PID:1800
        
        \??\c:\ddjdj.exe
        
        c:\ddjdj.exe
        445⤵
        
        PID:868
        
        \??\c:\dppjj.exe
        
        c:\dppjj.exe
        446⤵
        
        PID:3000
        
        \??\c:\xrlrxfx.exe
        
        c:\xrlrxfx.exe
        447⤵
        
        PID:1344
        
        \??\c:\nhbhnn.exe
        
        c:\nhbhnn.exe
        448⤵
        
        PID:2504
        
        \??\c:\5nhnnb.exe
        
        c:\5nhnnb.exe
        449⤵
        
        PID:2188
        
        \??\c:\vpddj.exe
        
        c:\vpddj.exe
        450⤵
        
        PID:700
        
        \??\c:\rrfxxxf.exe
        
        c:\rrfxxxf.exe
        451⤵
        
        PID:1632
        
        \??\c:\xlrxffl.exe
        
        c:\xlrxffl.exe
        452⤵
        
        PID:2856
        
        \??\c:\nnbbtb.exe
        
        c:\nnbbtb.exe
        453⤵
        
        PID:1692
        
        \??\c:\thtbnn.exe
        
        c:\thtbnn.exe
        454⤵
        
        PID:2016
        
        \??\c:\1dpjj.exe
        
        c:\1dpjj.exe
        455⤵
        
        PID:2172
        
        \??\c:\xxlfllx.exe
        
        c:\xxlfllx.exe
        456⤵
        
        PID:2468
        
        \??\c:\flrllfx.exe
        
        c:\flrllfx.exe
        457⤵
        
        PID:2368
        
        \??\c:\ddpjv.exe
        
        c:\ddpjv.exe
        458⤵
        
        PID:3052
        
        \??\c:\1jvdp.exe
        
        c:\1jvdp.exe
        459⤵
        
        PID:1052
        
        \??\c:\rrlxfrx.exe
        
        c:\rrlxfrx.exe
        460⤵
        
        PID:2812
        
        \??\c:\fffffrf.exe
        
        c:\fffffrf.exe
        461⤵
        
        PID:2672
        
        \??\c:\1thbbh.exe
        
        c:\1thbbh.exe
        462⤵
        
        PID:2776
        
        \??\c:\jjdpd.exe
        
        c:\jjdpd.exe
        463⤵
        
        PID:2540
        
        \??\c:\ddppv.exe
        
        c:\ddppv.exe
        464⤵
        
        PID:2848
        
        \??\c:\rllxlxf.exe
        
        c:\rllxlxf.exe
        465⤵
        
        PID:2588
        
        \??\c:\ffxflfl.exe
        
        c:\ffxflfl.exe
        466⤵
        
        PID:2652
        
        \??\c:\1bhhht.exe
        
        c:\1bhhht.exe
        467⤵
        
        PID:2332
        
        \??\c:\7vdvv.exe
        
        c:\7vdvv.exe
        468⤵
        
        PID:2712
        
        \??\c:\7frlrxf.exe
        
        c:\7frlrxf.exe
        469⤵
        
        PID:2964
        
        \??\c:\rfrxfxl.exe
        
        c:\rfrxfxl.exe
        470⤵
        
        PID:1116
        
        \??\c:\hthhbb.exe
        
        c:\hthhbb.exe
        471⤵
        
        PID:656
        
        \??\c:\nhttbb.exe
        
        c:\nhttbb.exe
        472⤵
        
        PID:1652
        
        \??\c:\pjdjd.exe
        
        c:\pjdjd.exe
        473⤵
        
        PID:1896
        
        \??\c:\vpvpv.exe
        
        c:\vpvpv.exe
        474⤵
        
        PID:2132
        
        \??\c:\rlxfrxf.exe
        
        c:\rlxfrxf.exe
        475⤵
        System Location Discovery: System Language Discovery
        
        PID:1828
        
        \??\c:\hbbhnb.exe
        
        c:\hbbhnb.exe
        476⤵
        
        PID:1396
        
        \??\c:\1nhtnt.exe
        
        c:\1nhtnt.exe
        477⤵
        
        PID:1492
        
        \??\c:\jdpvd.exe
        
        c:\jdpvd.exe
        478⤵
        
        PID:896
        
        \??\c:\xxfxffl.exe
        
        c:\xxfxffl.exe
        479⤵
        
        PID:1820
        
        \??\c:\lxlrflr.exe
        
        c:\lxlrflr.exe
        480⤵
        
        PID:1348
        
        \??\c:\bbnbhn.exe
        
        c:\bbnbhn.exe
        481⤵
        
        PID:2828
        
        \??\c:\tnbbhh.exe
        
        c:\tnbbhh.exe
        482⤵
        
        PID:2932
        
        \??\c:\vpdpd.exe
        
        c:\vpdpd.exe
        483⤵
        
        PID:2120
        
        \??\c:\fllxrlx.exe
        
        c:\fllxrlx.exe
        484⤵
        
        PID:1664
        
        \??\c:\bthhnn.exe
        
        c:\bthhnn.exe
        485⤵
        
        PID:1592
        
        \??\c:\bthntb.exe
        
        c:\bthntb.exe
        486⤵
        
        PID:604
        
        \??\c:\9vdjp.exe
        
        c:\9vdjp.exe
        487⤵
        
        PID:2896
        
        \??\c:\9lfrfrr.exe
        
        c:\9lfrfrr.exe
        488⤵
        
        PID:3056
        
        \??\c:\5xrxxxf.exe
        
        c:\5xrxxxf.exe
        489⤵
        
        PID:1800
        
        \??\c:\bthhth.exe
        
        c:\bthhth.exe
        490⤵
        
        PID:1028
        
        \??\c:\pdvdj.exe
        
        c:\pdvdj.exe
        491⤵
        
        PID:3000
        
        \??\c:\5vpdj.exe
        
        c:\5vpdj.exe
        492⤵
        
        PID:1344
        
        \??\c:\9frrxxf.exe
        
        c:\9frrxxf.exe
        493⤵
        
        PID:2504
        
        \??\c:\bthhnn.exe
        
        c:\bthhnn.exe
        494⤵
        
        PID:2492
        
        \??\c:\3tbhtt.exe
        
        c:\3tbhtt.exe
        495⤵
        
        PID:700
        
        \??\c:\pdpvd.exe
        
        c:\pdpvd.exe
        496⤵
        
        PID:1604
        
        \??\c:\rfrxxxf.exe
        
        c:\rfrxxxf.exe
        497⤵
        
        PID:2856
        
        \??\c:\rrffxfr.exe
        
        c:\rrffxfr.exe
        498⤵
        
        PID:932
        
        \??\c:\7bnnnt.exe
        
        c:\7bnnnt.exe
        499⤵
        
        PID:2016
        
        \??\c:\bbhnbb.exe
        
        c:\bbhnbb.exe
        500⤵
        
        PID:1848
        
        \??\c:\vpddp.exe
        
        c:\vpddp.exe
        501⤵
        
        PID:2468
        
        \??\c:\lllrxxf.exe
        
        c:\lllrxxf.exe
        502⤵
        
        PID:2368
        
        \??\c:\hbbtbt.exe
        
        c:\hbbtbt.exe
        503⤵
        
        PID:2208
        
        \??\c:\nhtnbh.exe
        
        c:\nhtnbh.exe
        504⤵
        
        PID:1548
        
        \??\c:\pjvvv.exe
        
        c:\pjvvv.exe
        505⤵
        
        PID:2812
        
        \??\c:\pdppv.exe
        
        c:\pdppv.exe
        506⤵
        
        PID:2792
        
        \??\c:\xxrfrfr.exe
        
        c:\xxrfrfr.exe
        507⤵
        
        PID:3048
        
        \??\c:\7bnttt.exe
        
        c:\7bnttt.exe
        508⤵
        
        PID:2540
        
        \??\c:\jvppd.exe
        
        c:\jvppd.exe
        509⤵
        
        PID:2848
        
        \??\c:\pdppd.exe
        
        c:\pdppd.exe
        510⤵
        
        PID:2716
        
        \??\c:\7lfffxf.exe
        
        c:\7lfffxf.exe
        511⤵
        
        PID:2652
        
        \??\c:\xxffxll.exe
        
        c:\xxffxll.exe
        512⤵
        
        PID:1840
        
        \??\c:\tnbbnn.exe
        
        c:\tnbbnn.exe
        513⤵
        
        PID:2712
        
        \??\c:\5jddd.exe
        
        c:\5jddd.exe
        514⤵
        
        PID:2964
        
        \??\c:\vvpjv.exe
        
        c:\vvpjv.exe
        515⤵
        
        PID:1116
        
        \??\c:\7frfxfl.exe
        
        c:\7frfxfl.exe
        516⤵
        
        PID:2968
        
        \??\c:\tntbnn.exe
        
        c:\tntbnn.exe
        517⤵
        
        PID:1652
        
        \??\c:\bbnnnt.exe
        
        c:\bbnnnt.exe
        518⤵
        
        PID:2364
        
        \??\c:\3dddj.exe
        
        c:\3dddj.exe
        519⤵
        
        PID:632
        
        \??\c:\vvpjv.exe
        
        c:\vvpjv.exe
        520⤵
        
        PID:376
        
        \??\c:\5lrlrfr.exe
        
        c:\5lrlrfr.exe
        521⤵
        
        PID:2128
        
        \??\c:\tbbhtb.exe
        
        c:\tbbhtb.exe
        522⤵
        
        PID:1532
        
        \??\c:\7bntbb.exe
        
        c:\7bntbb.exe
        523⤵
        
        PID:1812
        
        \??\c:\ppppd.exe
        
        c:\ppppd.exe
        524⤵
        
        PID:2836
        
        \??\c:\rlxxfll.exe
        
        c:\rlxxfll.exe
        525⤵
        
        PID:1372
        
        \??\c:\rlxfxlx.exe
        
        c:\rlxfxlx.exe
        526⤵
        
        PID:2084
        
        \??\c:\hbhntt.exe
        
        c:\hbhntt.exe
        527⤵
        
        PID:2744
        
        \??\c:\hhttbh.exe
        
        c:\hhttbh.exe
        528⤵
        
        PID:1104
        
        \??\c:\dvvjv.exe
        
        c:\dvvjv.exe
        529⤵
        
        PID:1796
        
        \??\c:\lfxxffr.exe
        
        c:\lfxxffr.exe
        530⤵
        
        PID:1592
        
        \??\c:\xlflxfl.exe
        
        c:\xlflxfl.exe
        531⤵
        
        PID:2196
        
        \??\c:\tttnbn.exe
        
        c:\tttnbn.exe
        532⤵
        
        PID:1992
        
        \??\c:\bbthnb.exe
        
        c:\bbthnb.exe
        533⤵
        
        PID:2152
        
        \??\c:\5vpdj.exe
        
        c:\5vpdj.exe
        534⤵
        
        PID:1136
        
        \??\c:\5lxxffl.exe
        
        c:\5lxxffl.exe
        535⤵
        
        PID:2112
        
        \??\c:\1lflffr.exe
        
        c:\1lflffr.exe
        536⤵
        
        PID:628
        
        \??\c:\nnbhbb.exe
        
        c:\nnbhbb.exe
        537⤵
        
        PID:948
        
        \??\c:\7btbbh.exe
        
        c:\7btbbh.exe
        538⤵
        
        PID:2400
        
        \??\c:\9pppp.exe
        
        c:\9pppp.exe
        539⤵
        
        PID:2188
        
        \??\c:\pddjj.exe
        
        c:\pddjj.exe
        540⤵
        
        PID:2392
        
        \??\c:\xrlflrf.exe
        
        c:\xrlflrf.exe
        541⤵
        System Location Discovery: System Language Discovery
        
        PID:1632
        
        \??\c:\thtbhh.exe
        
        c:\thtbhh.exe
        542⤵
        
        PID:1636
        
        \??\c:\thhhhn.exe
        
        c:\thhhhn.exe
        543⤵
        
        PID:684
        
        \??\c:\1vjpd.exe
        
        c:\1vjpd.exe
        544⤵
        
        PID:1996
        
        \??\c:\9pddd.exe
        
        c:\9pddd.exe
        545⤵
        
        PID:2212
        
        \??\c:\1lflxxl.exe
        
        c:\1lflxxl.exe
        546⤵
        
        PID:2648
        
        \??\c:\3bnhhn.exe
        
        c:\3bnhhn.exe
        547⤵
        
        PID:816
        
        \??\c:\bnhbhh.exe
        
        c:\bnhbhh.exe
        548⤵
        
        PID:2780
        
        \??\c:\dpjdj.exe
        
        c:\dpjdj.exe
        549⤵
        
        PID:2180
        
        \??\c:\pjjpv.exe
        
        c:\pjjpv.exe
        550⤵
        
        PID:2216
        
        \??\c:\5xflllx.exe
        
        c:\5xflllx.exe
        551⤵
        
        PID:2704
        
        \??\c:\nhbhnn.exe
        
        c:\nhbhnn.exe
        552⤵
        
        PID:2560
        
        \??\c:\hhbhnn.exe
        
        c:\hhbhnn.exe
        553⤵
        
        PID:2736
        
        \??\c:\dpddj.exe
        
        c:\dpddj.exe
        554⤵
        
        PID:2660
        
        \??\c:\xxlrffr.exe
        
        c:\xxlrffr.exe
        555⤵
        
        PID:2552
        
        \??\c:\5lfflff.exe
        
        c:\5lfflff.exe
        556⤵
        
        PID:2496
        
        \??\c:\nbbthh.exe
        
        c:\nbbthh.exe
        557⤵
        
        PID:2576
        
        \??\c:\5pdjv.exe
        
        c:\5pdjv.exe
        558⤵
        
        PID:2164
        
        \??\c:\pjvvv.exe
        
        c:\pjvvv.exe
        559⤵
        
        PID:2420
        
        \??\c:\lfrllll.exe
        
        c:\lfrllll.exe
        560⤵
        
        PID:1900
        
        \??\c:\lrrxxxf.exe
        
        c:\lrrxxxf.exe
        561⤵
        System Location Discovery: System Language Discovery
        
        PID:1200
        
        \??\c:\tnbbhh.exe
        
        c:\tnbbhh.exe
        562⤵
        
        PID:2512
        
        \??\c:\vjvvd.exe
        
        c:\vjvvd.exe
        563⤵
        
        PID:2264
        
        \??\c:\pjvdj.exe
        
        c:\pjvdj.exe
        564⤵
        
        PID:1856
        
        \??\c:\rlxfffl.exe
        
        c:\rlxfffl.exe
        565⤵
        
        PID:1764
        
        \??\c:\rlflrrx.exe
        
        c:\rlflrrx.exe
        566⤵
        
        PID:1248
        
        \??\c:\9bhhtb.exe
        
        c:\9bhhtb.exe
        567⤵
        
        PID:2832
        
        \??\c:\9vjdd.exe
        
        c:\9vjdd.exe
        568⤵
        
        PID:2424
        
        \??\c:\jjvdd.exe
        
        c:\jjvdd.exe
        569⤵
        
        PID:1820
        
        \??\c:\ffrfflr.exe
        
        c:\ffrfflr.exe
        570⤵
        
        PID:580
        
        \??\c:\lflxlxf.exe
        
        c:\lflxlxf.exe
        571⤵
        
        PID:2828
        
        \??\c:\nnttbh.exe
        
        c:\nnttbh.exe
        572⤵
        
        PID:2932
        
        \??\c:\jjdvj.exe
        
        c:\jjdvj.exe
        573⤵
        
        PID:380
        
        \??\c:\vvpdj.exe
        
        c:\vvpdj.exe
        574⤵
        
        PID:1400
        
        \??\c:\lxllllr.exe
        
        c:\lxllllr.exe
        575⤵
        
        PID:2192
        
        \??\c:\rxlrlxf.exe
        
        c:\rxlrlxf.exe
        576⤵
        
        PID:448
        
        \??\c:\7bbntb.exe
        
        c:\7bbntb.exe
        577⤵
        
        PID:3020
        
        \??\c:\vdvvv.exe
        
        c:\vdvvv.exe
        578⤵
        
        PID:952
        
        \??\c:\pjjjp.exe
        
        c:\pjjjp.exe
        579⤵
        
        PID:1628
        
        \??\c:\xrlrrxf.exe
        
        c:\xrlrrxf.exe
        580⤵
        
        PID:2480
        
        \??\c:\ffrxllx.exe
        
        c:\ffrxllx.exe
        581⤵
        
        PID:1656
        
        \??\c:\nbnhbb.exe
        
        c:\nbnhbb.exe
        582⤵
        
        PID:2288
        
        \??\c:\pjvvd.exe
        
        c:\pjvvd.exe
        583⤵
        
        PID:1040
        
        \??\c:\7vvdd.exe
        
        c:\7vvdd.exe
        584⤵
        
        PID:1640
        
        \??\c:\rlrxflx.exe
        
        c:\rlrxflx.exe
        585⤵
        
        PID:2412
        
        \??\c:\9tbhht.exe
        
        c:\9tbhht.exe
        586⤵
        
        PID:2056
        
        \??\c:\hbnbnt.exe
        
        c:\hbnbnt.exe
        587⤵
        
        PID:2728
        
        \??\c:\9pdvj.exe
        
        c:\9pdvj.exe
        588⤵
        
        PID:2144
        
        \??\c:\pjdpv.exe
        
        c:\pjdpv.exe
        589⤵
        
        PID:1784
        
        \??\c:\xxrlxfx.exe
        
        c:\xxrlxfx.exe
        590⤵
        
        PID:884
        
        \??\c:\3htbtb.exe
        
        c:\3htbtb.exe
        591⤵
        
        PID:1000
        
        \??\c:\hnhnbh.exe
        
        c:\hnhnbh.exe
        592⤵
        
        PID:2804
        
        \??\c:\5jvjp.exe
        
        c:\5jvjp.exe
        593⤵
        
        PID:2668
        
        \??\c:\pjpjj.exe
        
        c:\pjpjj.exe
        594⤵
        
        PID:2876
        
        \??\c:\xxxrffr.exe
        
        c:\xxxrffr.exe
        595⤵
        
        PID:2888
        
        \??\c:\tbnhbb.exe
        
        c:\tbnhbb.exe
        596⤵
        
        PID:2616
        
        \??\c:\5tbtbh.exe
        
        c:\5tbtbh.exe
        597⤵
        
        PID:2756
        
        \??\c:\3pjjj.exe
        
        c:\3pjjj.exe
        598⤵
        
        PID:2956
        
        \??\c:\lrrrlll.exe
        
        c:\lrrrlll.exe
        599⤵
        
        PID:2588
        
        \??\c:\5fxlxff.exe
        
        c:\5fxlxff.exe
        600⤵
        
        PID:1480
        
        \??\c:\btbhth.exe
        
        c:\btbhth.exe
        601⤵
        
        PID:2428
        
        \??\c:\tnnbtt.exe
        
        c:\tnnbtt.exe
        602⤵
        
        PID:2476
        
        \??\c:\vjdjp.exe
        
        c:\vjdjp.exe
        603⤵
        
        PID:2240
        
        \??\c:\3vpvd.exe
        
        c:\3vpvd.exe
        604⤵
        
        PID:2116
        
        \??\c:\rlflxff.exe
        
        c:\rlflxff.exe
        605⤵
        
        PID:1056
        
        \??\c:\bthtbh.exe
        
        c:\bthtbh.exe
        606⤵
        
        PID:2096
        
        \??\c:\ntnbth.exe
        
        c:\ntnbth.exe
        607⤵
        
        PID:2404
        
        \??\c:\3jpvd.exe
        
        c:\3jpvd.exe
        608⤵
        
        PID:2080
        
        \??\c:\9jjpp.exe
        
        c:\9jjpp.exe
        609⤵
        
        PID:1620
        
        \??\c:\xfrrrrx.exe
        
        c:\xfrrrrx.exe
        610⤵
        
        PID:2596
        
        \??\c:\rrlrllx.exe
        
        c:\rrlrllx.exe
        611⤵
        
        PID:1776
        
        \??\c:\thbhtt.exe
        
        c:\thbhtt.exe
        612⤵
        
        PID:236
        
        \??\c:\ppjvv.exe
        
        c:\ppjvv.exe
        613⤵
        
        PID:1508
        
        \??\c:\dpjdj.exe
        
        c:\dpjdj.exe
        614⤵
        
        PID:796
        
        \??\c:\1frrxfl.exe
        
        c:\1frrxfl.exe
        615⤵
        
        PID:1088
        
        \??\c:\rlxxllf.exe
        
        c:\rlxxllf.exe
        616⤵
        
        PID:2628
        
        \??\c:\hbnntb.exe
        
        c:\hbnntb.exe
        617⤵
        
        PID:2900
        
        \??\c:\dpppp.exe
        
        c:\dpppp.exe
        618⤵
        
        PID:956
        
        \??\c:\jjdpv.exe
        
        c:\jjdpv.exe
        619⤵
        
        PID:3016
        
        \??\c:\xxrrfrx.exe
        
        c:\xxrrfrx.exe
        620⤵
        
        PID:2124
        
        \??\c:\htnttb.exe
        
        c:\htnttb.exe
        621⤵
        
        PID:3036
        
        \??\c:\5hbhhh.exe
        
        c:\5hbhhh.exe
        622⤵
        
        PID:408
        
        \??\c:\vpvvj.exe
        
        c:\vpvvj.exe
        623⤵
        
        PID:2028
        
        \??\c:\pjdpd.exe
        
        c:\pjdpd.exe
        624⤵
        
        PID:3000
        
        \??\c:\llrrlfx.exe
        
        c:\llrrlfx.exe
        625⤵
        
        PID:1952
        
        \??\c:\btbhtb.exe
        
        c:\btbhtb.exe
        626⤵
        
        PID:2504
        
        \??\c:\pjdjp.exe
        
        c:\pjdjp.exe
        627⤵
        
        PID:832
        
        \??\c:\vjvdd.exe
        
        c:\vjvdd.exe
        628⤵
        
        PID:700
        
        \??\c:\7fxfffl.exe
        
        c:\7fxfffl.exe
        629⤵
        
        PID:1752
        
        \??\c:\llxlrxx.exe
        
        c:\llxlrxx.exe
        630⤵
        
        PID:1668
        
        \??\c:\9thhbh.exe
        
        c:\9thhbh.exe
        631⤵
        
        PID:1824
        
        \??\c:\jpjvp.exe
        
        c:\jpjvp.exe
        632⤵
        
        PID:2016
        
        \??\c:\jjpvj.exe
        
        c:\jjpvj.exe
        633⤵
        
        PID:2144
        
        \??\c:\xfxlrxl.exe
        
        c:\xfxlrxl.exe
        634⤵
        
        PID:2212
        
        \??\c:\lxrlxxf.exe
        
        c:\lxrlxxf.exe
        635⤵
        
        PID:3028
        
        \??\c:\tnbhtb.exe
        
        c:\tnbhtb.exe
        636⤵
        
        PID:1052
        
        \??\c:\7jdjp.exe
        
        c:\7jdjp.exe
        637⤵
        
        PID:816
        
        \??\c:\5djpp.exe
        
        c:\5djpp.exe
        638⤵
        
        PID:2180
        
        \??\c:\lrrrxrx.exe
        
        c:\lrrrxrx.exe
        639⤵
        
        PID:2672
        
        \??\c:\nntbhh.exe
        
        c:\nntbhh.exe
        640⤵
        
        PID:2704
        
        \??\c:\ppjpp.exe
        
        c:\ppjpp.exe
        641⤵
        
        PID:2724
        
        \??\c:\vpjpv.exe
        
        c:\vpjpv.exe
        642⤵
        
        PID:2736
        
        \??\c:\lxxfllf.exe
        
        c:\lxxfllf.exe
        643⤵
        
        PID:2568
        
        \??\c:\hhtbnt.exe
        
        c:\hhtbnt.exe
        644⤵
        
        PID:2580
        
        \??\c:\nhntbb.exe
        
        c:\nhntbb.exe
        645⤵
        
        PID:2656
        
        \??\c:\5vjvv.exe
        
        c:\5vjvv.exe
        646⤵
        
        PID:2496
        
        \??\c:\pjpjp.exe
        
        c:\pjpjp.exe
        647⤵
        
        PID:2528
        
        \??\c:\fxxlxxf.exe
        
        c:\fxxlxxf.exe
        648⤵
        
        PID:2420
        
        \??\c:\nnhnbh.exe
        
        c:\nnhnbh.exe
        649⤵
        
        PID:1264
        
        \??\c:\tnbhnn.exe
        
        c:\tnbhnn.exe
        650⤵
        
        PID:2520
        
        \??\c:\1ddjj.exe
        
        c:\1ddjj.exe
        651⤵
        System Location Discovery: System Language Discovery
        
        PID:1268
        
        \??\c:\jvjpp.exe
        
        c:\jvjpp.exe
        652⤵
        
        PID:2088
        
        \??\c:\7lrfrrx.exe
        
        c:\7lrfrrx.exe
        653⤵
        
        PID:1280
        
        \??\c:\9btbnb.exe
        
        c:\9btbnb.exe
        654⤵
        
        PID:812
        
        \??\c:\5bnbnt.exe
        
        c:\5bnbnt.exe
        655⤵
        
        PID:1904
        
        \??\c:\jdpjj.exe
        
        c:\jdpjj.exe
        656⤵
        
        PID:1532
        
        \??\c:\9lffllr.exe
        
        c:\9lffllr.exe
        657⤵
        
        PID:896
        
        \??\c:\tnbbtt.exe
        
        c:\tnbbtt.exe
        658⤵
        
        PID:536
        
        \??\c:\hbttnn.exe
        
        c:\hbttnn.exe
        659⤵
        
        PID:2632
        
        \??\c:\jvjdj.exe
        
        c:\jvjdj.exe
        660⤵
        
        PID:776
        
        \??\c:\llxxfxf.exe
        
        c:\llxxfxf.exe
        661⤵
        
        PID:980
        
        \??\c:\fxfllll.exe
        
        c:\fxfllll.exe
        662⤵
        
        PID:1104
        
        \??\c:\bnnntn.exe
        
        c:\bnnntn.exe
        663⤵
        
        PID:2120
        
        \??\c:\pppvv.exe
        
        c:\pppvv.exe
        664⤵
        
        PID:604
        
        \??\c:\pjvpv.exe
        
        c:\pjvpv.exe
        665⤵
        
        PID:2196
        
        \??\c:\rlffllx.exe
        
        c:\rlffllx.exe
        666⤵
        
        PID:912
        
        \??\c:\5thbhn.exe
        
        c:\5thbhn.exe
        667⤵
        
        PID:904
        
        \??\c:\pjvvv.exe
        
        c:\pjvvv.exe
        668⤵
        
        PID:1680
        
        \??\c:\vpjvd.exe
        
        c:\vpjvd.exe
        669⤵
        
        PID:2600
        
        \??\c:\frrrxlr.exe
        
        c:\frrrxlr.exe
        670⤵
        
        PID:1300
        
        \??\c:\btbthh.exe
        
        c:\btbthh.exe
        671⤵
        
        PID:320
        
        \??\c:\5hbhtb.exe
        
        c:\5hbhtb.exe
        672⤵
        
        PID:2448
        
        \??\c:\ppjvj.exe
        
        c:\ppjvj.exe
        673⤵
        
        PID:560
        
        \??\c:\3lxxflr.exe
        
        c:\3lxxflr.exe
        674⤵
        
        PID:1536
        
        \??\c:\1rfrxxf.exe
        
        c:\1rfrxxf.exe
        675⤵
        
        PID:1588
        
        \??\c:\5nbhhh.exe
        
        c:\5nbhhh.exe
        676⤵
        
        PID:2456
        
        \??\c:\5vjpd.exe
        
        c:\5vjpd.exe
        677⤵
        
        PID:1816
        
        \??\c:\vdppv.exe
        
        c:\vdppv.exe
        678⤵
        
        PID:2356
        
        \??\c:\1frxlff.exe
        
        c:\1frxlff.exe
        679⤵
        
        PID:2772
        
        \??\c:\tthnbn.exe
        
        c:\tthnbn.exe
        680⤵
        
        PID:2764
        
        \??\c:\hhtntt.exe
        
        c:\hhtntt.exe
        681⤵
        
        PID:2696
        
        \??\c:\ppddp.exe
        
        c:\ppddp.exe
        682⤵
        
        PID:2872
        
        \??\c:\ffflflx.exe
        
        c:\ffflflx.exe
        683⤵
        
        PID:2824
        
        \??\c:\fxrxllr.exe
        
        c:\fxrxllr.exe
        684⤵
        
        PID:2536
        
        \??\c:\9thhtn.exe
        
        c:\9thhtn.exe
        685⤵
        
        PID:2840
        
        \??\c:\pjpjp.exe
        
        c:\pjpjp.exe
        686⤵
        
        PID:2548
        
        \??\c:\vvpjv.exe
        
        c:\vvpjv.exe
        687⤵
        
        PID:2852
        
        \??\c:\lxlrrxl.exe
        
        c:\lxlrrxl.exe
        688⤵
        
        PID:2352
        
        \??\c:\1frxxfl.exe
        
        c:\1frxxfl.exe
        689⤵
        
        PID:2972
        
        \??\c:\tnbnnb.exe
        
        c:\tnbnnb.exe
        690⤵
        
        PID:2636
        
        \??\c:\9dvdj.exe
        
        c:\9dvdj.exe
        691⤵
        
        PID:2960
        
        \??\c:\dvppd.exe
        
        c:\dvppd.exe
        692⤵
        
        PID:2348
        
        \??\c:\frfrllr.exe
        
        c:\frfrllr.exe
        693⤵
        
        PID:2040
        
        \??\c:\1rrxflr.exe
        
        c:\1rrxflr.exe
        694⤵
        
        PID:1452
        
        \??\c:\tbbttn.exe
        
        c:\tbbttn.exe
        695⤵
        
        PID:1204
        
        \??\c:\7dvvp.exe
        
        c:\7dvvp.exe
        696⤵
        
        PID:1908
        
        \??\c:\xxflfll.exe
        
        c:\xxflfll.exe
        697⤵
        
        PID:632
        
        \??\c:\llrrxxf.exe
        
        c:\llrrxxf.exe
        698⤵
        
        PID:1332
        
        \??\c:\nhhntn.exe
        
        c:\nhhntn.exe
        699⤵
        
        PID:1620
        
        \??\c:\bnhhnt.exe
        
        c:\bnhhnt.exe
        700⤵
        
        PID:2596
        
        \??\c:\vpppv.exe
        
        c:\vpppv.exe
        701⤵
        
        PID:2044
        
        \??\c:\xlxxxxx.exe
        
        c:\xlxxxxx.exe
        702⤵
        
        PID:1532
        
        \??\c:\7rlfrlx.exe
        
        c:\7rlfrlx.exe
        703⤵
        
        PID:1372
        
        \??\c:\bhbnnn.exe
        
        c:\bhbnnn.exe
        704⤵
        
        PID:1292
        
        \??\c:\vpvjv.exe
        
        c:\vpvjv.exe
        705⤵
        
        PID:1088
        
        \??\c:\3jdvd.exe
        
        c:\3jdvd.exe
        706⤵
        
        PID:2252
        
        \??\c:\1rfxlrx.exe
        
        c:\1rfxlrx.exe
        707⤵
        
        PID:1664
        
        \??\c:\3bhntt.exe
        
        c:\3bhntt.exe
        708⤵
        
        PID:3044
        
        \??\c:\nthtnn.exe
        
        c:\nthtnn.exe
        709⤵
        
        PID:3016
        
        \??\c:\vpjvp.exe
        
        c:\vpjvp.exe
        710⤵
        
        PID:2140
        
        \??\c:\1fxxfff.exe
        
        c:\1fxxfff.exe
        711⤵
        
        PID:3056
        
        \??\c:\frlfrxx.exe
        
        c:\frlfrxx.exe
        712⤵
        
        PID:2376
        
        \??\c:\9hbnbh.exe
        
        c:\9hbnbh.exe
        713⤵
        
        PID:2112
        
        \??\c:\nhnbhh.exe
        
        c:\nhnbhh.exe
        714⤵
        
        PID:2608
        
        \??\c:\dvpvj.exe
        
        c:\dvpvj.exe
        715⤵
        
        PID:860
        
        \??\c:\5rrxflx.exe
        
        c:\5rrxflx.exe
        716⤵
        
        PID:1708
        
        \??\c:\rfflrxf.exe
        
        c:\rfflrxf.exe
        717⤵
        
        PID:2492
        
        \??\c:\bnhnbn.exe
        
        c:\bnhnbn.exe
        718⤵
        
        PID:2392
        
        \??\c:\jvjjv.exe
        
        c:\jvjjv.exe
        719⤵
        
        PID:1604
        
        \??\c:\vjpjj.exe
        
        c:\vjpjj.exe
        720⤵
        
        PID:1032
        
        \??\c:\fxflrlr.exe
        
        c:\fxflrlr.exe
        721⤵
        
        PID:2784
        
        \??\c:\3ntbtt.exe
        
        c:\3ntbtt.exe
        722⤵
        
        PID:1688
        
        \??\c:\hbnnbb.exe
        
        c:\hbnnbb.exe
        723⤵
        
        PID:1212
        
        \??\c:\pdjjp.exe
        
        c:\pdjjp.exe
        724⤵
        
        PID:2768
        
        \??\c:\vpjjj.exe
        
        c:\vpjjj.exe
        725⤵
        
        PID:3052
        
        \??\c:\1flxrxr.exe
        
        c:\1flxrxr.exe
        726⤵
        
        PID:2692
        
        \??\c:\ttnbtb.exe
        
        c:\ttnbtb.exe
        727⤵
        
        PID:2844
        
        \??\c:\9hbbnn.exe
        
        c:\9hbbnn.exe
        728⤵
        
        PID:2640
        
        \??\c:\vpdjp.exe
        
        c:\vpdjp.exe
        729⤵
        
        PID:2708
        
        \??\c:\xrfllrr.exe
        
        c:\xrfllrr.exe
        730⤵
        
        PID:2540
        
        \??\c:\ffxxrxf.exe
        
        c:\ffxxrxf.exe
        731⤵
        
        PID:2604
        
        \??\c:\btnnnh.exe
        
        c:\btnnnh.exe
        732⤵
        
        PID:2532
        
        \??\c:\5nbhtt.exe
        
        c:\5nbhtt.exe
        733⤵
        
        PID:2552
        
        \??\c:\7pjpv.exe
        
        c:\7pjpv.exe
        734⤵
        
        PID:1840
        
        \??\c:\3lrlrxf.exe
        
        c:\3lrlrxf.exe
        735⤵
        
        PID:2712
        
        \??\c:\3fxlxlf.exe
        
        c:\3fxlxlf.exe
        736⤵
        
        PID:1888
        
        \??\c:\nhhnhh.exe
        
        c:\nhhnhh.exe
        737⤵
        
        PID:1880
        
        \??\c:\9jppv.exe
        
        c:\9jppv.exe
        738⤵
        
        PID:2168
        
        \??\c:\5jpdd.exe
        
        c:\5jpdd.exe
        739⤵
        
        PID:1652
        
        \??\c:\3lflfll.exe
        
        c:\3lflfll.exe
        740⤵
        
        PID:2316
        
        \??\c:\fxrrflr.exe
        
        c:\fxrrflr.exe
        741⤵
        
        PID:2404
        
        \??\c:\btnnbt.exe
        
        c:\btnnbt.exe
        742⤵
        
        PID:1856
        
        \??\c:\dpjdd.exe
        
        c:\dpjdd.exe
        743⤵
        
        PID:1280
        
        \??\c:\ddpdj.exe
        
        c:\ddpdj.exe
        744⤵
        
        PID:1096
        
        \??\c:\fxrxflr.exe
        
        c:\fxrxflr.exe
        745⤵
        
        PID:2008
        
        \??\c:\hthhbh.exe
        
        c:\hthhbh.exe
        746⤵
        
        PID:880
        
        \??\c:\pdpjv.exe
        
        c:\pdpjv.exe
        747⤵
        
        PID:896
        
        \??\c:\vpdjp.exe
        
        c:\vpdjp.exe
        748⤵
        
        PID:580
        
        \??\c:\1fllrfl.exe
        
        c:\1fllrfl.exe
        749⤵
        
        PID:2220
        
        \??\c:\7htbhn.exe
        
        c:\7htbhn.exe
        750⤵
        
        PID:2932
        
        \??\c:\btttht.exe
        
        c:\btttht.exe
        751⤵
        
        PID:1940
        
        \??\c:\jvdvj.exe
        
        c:\jvdvj.exe
        752⤵
        
        PID:3060
        
        \??\c:\llxlrrl.exe
        
        c:\llxlrrl.exe
        753⤵
        
        PID:716
        
        \??\c:\xrxxxxf.exe
        
        c:\xrxxxxf.exe
        754⤵
        
        PID:448
        
        \??\c:\thtbhh.exe
        
        c:\thtbhh.exe
        755⤵
        
        PID:1800
        
        \??\c:\dpdvd.exe
        
        c:\dpdvd.exe
        756⤵
        
        PID:1948
        
        \??\c:\5fxxllx.exe
        
        c:\5fxxllx.exe
        757⤵
        
        PID:1628
        
        \??\c:\lfrlxxf.exe
        
        c:\lfrlxxf.exe
        758⤵
        
        PID:1344
        
        \??\c:\1btbht.exe
        
        c:\1btbht.exe
        759⤵
        
        PID:2948
        
        \??\c:\tbbttn.exe
        
        c:\tbbttn.exe
        760⤵
        
        PID:2992
        
        \??\c:\vvpvd.exe
        
        c:\vvpvd.exe
        761⤵
        
        PID:2880
        
        \??\c:\rlxrxxx.exe
        
        c:\rlxrxxx.exe
        762⤵
        
        PID:2688
        
        \??\c:\1xlrxrf.exe
        
        c:\1xlrxrf.exe
        763⤵
        
        PID:2856
        
        \??\c:\9tnntt.exe
        
        c:\9tnntt.exe
        764⤵
        
        PID:1636
        
        \??\c:\1pjpp.exe
        
        c:\1pjpp.exe
        765⤵
        
        PID:684
        
        \??\c:\vvpvj.exe
        
        c:\vvpvj.exe
        766⤵
        
        PID:1848
        
        \??\c:\ffrrrxf.exe
        
        c:\ffrrrxf.exe
        767⤵
        
        PID:2468
        
        \??\c:\lxlrxlr.exe
        
        c:\lxlrxlr.exe
        768⤵
        
        PID:2800
        
        \??\c:\hbtbhn.exe
        
        c:\hbtbhn.exe
        769⤵
        
        PID:1584
        
        \??\c:\9dvdj.exe
        
        c:\9dvdj.exe
        770⤵
        
        PID:2740
        
        \??\c:\3jddd.exe
        
        c:\3jddd.exe
        771⤵
        
        PID:2816
        
        \??\c:\fxrxfrf.exe
        
        c:\fxrxfrf.exe
        772⤵
        
        PID:2676
        
        \??\c:\9hnnnn.exe
        
        c:\9hnnnn.exe
        773⤵
        
        PID:3048
        
        \??\c:\bntnnt.exe
        
        c:\bntnnt.exe
        774⤵
        
        PID:3004
        
        \??\c:\3vjpd.exe
        
        c:\3vjpd.exe
        775⤵
        
        PID:2848
        
        \??\c:\lxllflr.exe
        
        c:\lxllflr.exe
        776⤵
        
        PID:2564
        
        \??\c:\9lxxlrr.exe
        
        c:\9lxxlrr.exe
        777⤵
        
        PID:2652
        
        \??\c:\5bbbnt.exe
        
        c:\5bbbnt.exe
        778⤵
        
        PID:2332
        
        \??\c:\ttnntb.exe
        
        c:\ttnntb.exe
        779⤵
        
        PID:2796
        
        \??\c:\3pjjp.exe
        
        c:\3pjjp.exe
        780⤵
        
        PID:2964
        
        \??\c:\llrrrfx.exe
        
        c:\llrrrfx.exe
        781⤵
        
        PID:1116
        
        \??\c:\hbhnnt.exe
        
        c:\hbhnnt.exe
        782⤵
        
        PID:2232
        
        \??\c:\3thtnt.exe
        
        c:\3thtnt.exe
        783⤵
        
        PID:1056
        
        \??\c:\vpvvp.exe
        
        c:\vpvvp.exe
        784⤵
        
        PID:2364
        
        \??\c:\ffxfrrf.exe
        
        c:\ffxfrrf.exe
        785⤵
        
        PID:1200
        
        \??\c:\xrfxxxx.exe
        
        c:\xrfxxxx.exe
        786⤵
        
        PID:1828
        
        \??\c:\bttbhn.exe
        
        c:\bttbhn.exe
        787⤵
        
        PID:1492
        
        \??\c:\5vjjp.exe
        
        c:\5vjjp.exe
        788⤵
        
        PID:1332
        
        \??\c:\jdjpp.exe
        
        c:\jdjpp.exe
        789⤵
        
        PID:1860
        
        \??\c:\lxlfffx.exe
        
        c:\lxlfffx.exe
        790⤵
        
        PID:2424
        
        \??\c:\9xlrxrr.exe
        
        c:\9xlrxrr.exe
        791⤵
        
        PID:400
        
        \??\c:\3bbnhh.exe
        
        c:\3bbnhh.exe
        792⤵
        
        PID:2892
        
        \??\c:\pjdpd.exe
        
        c:\pjdpd.exe
        793⤵
        
        PID:1092
        
        \??\c:\dvdvd.exe
        
        c:\dvdvd.exe
        794⤵
        
        PID:2628
        
        \??\c:\rlxflxf.exe
        
        c:\rlxflxf.exe
        795⤵
        
        PID:1796
        
        \??\c:\hbtthb.exe
        
        c:\hbtthb.exe
        796⤵
        
        PID:1592
        
        \??\c:\3bhhhn.exe
        
        c:\3bhhhn.exe
        797⤵
        
        PID:1736
        
        \??\c:\3dpvd.exe
        
        c:\3dpvd.exe
        798⤵
        
        PID:996
        
        \??\c:\lfxfrfr.exe
        
        c:\lfxfrfr.exe
        799⤵
        
        PID:2152
        
        \??\c:\lfflxlx.exe
        
        c:\lfflxlx.exe
        800⤵
        
        PID:1028
        
        \??\c:\nhnbhh.exe
        
        c:\nhnbhh.exe
        801⤵
        
        PID:2136
        
        \??\c:\dvpdj.exe
        
        c:\dvpdj.exe
        802⤵
        
        PID:628
        
        \??\c:\dvvvp.exe
        
        c:\dvvvp.exe
        803⤵
        
        PID:948
        
        \??\c:\5frlrfl.exe
        
        c:\5frlrfl.exe
        804⤵
        
        PID:2400
        
        \??\c:\nhnhbt.exe
        
        c:\nhnhbt.exe
        805⤵
        
        PID:1040
        
        \??\c:\btnntt.exe
        
        c:\btnntt.exe
        806⤵
        
        PID:2304
        
        \??\c:\jvjpj.exe
        
        c:\jvjpj.exe
        807⤵
        
        PID:1632
        
        \??\c:\dpddj.exe
        
        c:\dpddj.exe
        808⤵
        
        PID:932
        
        \??\c:\rlxxlxf.exe
        
        c:\rlxxlxf.exe
        809⤵
        
        PID:1876
        
        \??\c:\hthnbn.exe
        
        c:\hthnbn.exe
        810⤵
        
        PID:2172
        
        \??\c:\tntthh.exe
        
        c:\tntthh.exe
        811⤵
        
        PID:2144
        
        \??\c:\5pppd.exe
        
        c:\5pppd.exe
        812⤵
        
        PID:2368
        
        \??\c:\rflfllr.exe
        
        c:\rflfllr.exe
        813⤵
        
        PID:2208
        
        \??\c:\7rrlrrx.exe
        
        c:\7rrlrrx.exe
        814⤵
        
        PID:2204
        
        \??\c:\tnbhnt.exe
        
        c:\tnbhnt.exe
        815⤵
        
        PID:2812
        
        \??\c:\1vdjd.exe
        
        c:\1vdjd.exe
        816⤵
        
        PID:2556
        
        \??\c:\vpddv.exe
        
        c:\vpddv.exe
        817⤵
        
        PID:2888
        
        \??\c:\flffxlx.exe
        
        c:\flffxlx.exe
        818⤵
        
        PID:2592
        
        \??\c:\xlrflrx.exe
        
        c:\xlrflrx.exe
        819⤵
        
        PID:2612
        
        \??\c:\1bnttb.exe
        
        c:\1bnttb.exe
        820⤵
        
        PID:2736
        
        \??\c:\dpjvv.exe
        
        c:\dpjvv.exe
        821⤵
        
        PID:2984
        
        \??\c:\pjppv.exe
        
        c:\pjppv.exe
        822⤵
        
        PID:3008
        
        \??\c:\lxfrxlr.exe
        
        c:\lxfrxlr.exe
        823⤵
        
        PID:2396
        
        \??\c:\1tbthn.exe
        
        c:\1tbthn.exe
        824⤵
        
        PID:2380
        
        \??\c:\thttbh.exe
        
        c:\thttbh.exe
        825⤵
        
        PID:2240
        
        \??\c:\pdjdj.exe
        
        c:\pdjdj.exe
        826⤵
        
        PID:2116
        
        \??\c:\pdvdj.exe
        
        c:\pdvdj.exe
        827⤵
        
        PID:2388
        
        \??\c:\7frxxxx.exe
        
        c:\7frxxxx.exe
        828⤵
        
        PID:1896
        
        \??\c:\thhnbb.exe
        
        c:\thhnbb.exe
        829⤵
        
        PID:1204
        
        \??\c:\bntnnn.exe
        
        c:\bntnnn.exe
        830⤵
        
        PID:2192
        
        \??\c:\7vddd.exe
        
        c:\7vddd.exe
        831⤵
        
        PID:2080
        
        \??\c:\9pvpp.exe
        
        c:\9pvpp.exe
        832⤵
        
        PID:812
        
        \??\c:\rflffxx.exe
        
        c:\rflffxx.exe
        833⤵
        
        PID:1280
        
        \??\c:\hbhhhh.exe
        
        c:\hbhhhh.exe
        834⤵
        
        PID:2860
        
        \??\c:\htbhbn.exe
        
        c:\htbhbn.exe
        835⤵
        
        PID:1904
        
        \??\c:\jvddj.exe
        
        c:\jvddj.exe
        836⤵
        
        PID:1348
        
        \??\c:\1jvvj.exe
        
        c:\1jvvj.exe
        837⤵
        
        PID:2828
        
        \??\c:\5rlrllr.exe
        
        c:\5rlrllr.exe
        838⤵
        
        PID:696
        
        \??\c:\bnbhbt.exe
        
        c:\bnbhbt.exe
        839⤵
        
        PID:1088
        
        \??\c:\hhnntn.exe
        
        c:\hhnntn.exe
        840⤵
        
        PID:956
        
        \??\c:\dvpdv.exe
        
        c:\dvpdv.exe
        841⤵
        
        PID:2748
        
        \??\c:\pjjdj.exe
        
        c:\pjjdj.exe
        842⤵
        
        PID:2236
        
        \??\c:\lxlrrxx.exe
        
        c:\lxlrrxx.exe
        843⤵
        
        PID:2916
        
        \??\c:\bnhhtb.exe
        
        c:\bnhhtb.exe
        844⤵
        
        PID:1136
        
        \??\c:\nhttbn.exe
        
        c:\nhttbn.exe
        845⤵
        
        PID:2484
        
        \??\c:\pjpvj.exe
        
        c:\pjpvj.exe
        846⤵
        
        PID:1864
        
        \??\c:\dvpvd.exe
        
        c:\dvpvd.exe
        847⤵
        
        PID:2112
        
        \??\c:\fxrffxl.exe
        
        c:\fxrffxl.exe
        848⤵
        
        PID:1916
        
        \??\c:\thnnhb.exe
        
        c:\thnnhb.exe
        849⤵
        
        PID:2052
        
        \??\c:\7nhnnt.exe
        
        c:\7nhnnt.exe
        850⤵
        
        PID:2508
        
        \??\c:\pdvpv.exe
        
        c:\pdvpv.exe
        851⤵
        
        PID:560
        
        \??\c:\xrxlrrx.exe
        
        c:\xrxlrrx.exe
        852⤵
        
        PID:1536
        
        \??\c:\frxxlll.exe
        
        c:\frxxlll.exe
        853⤵
        
        PID:1588
        
        \??\c:\nhthhh.exe
        
        c:\nhthhh.exe
        854⤵
        
        PID:1788
        
        \??\c:\nbnhtt.exe
        
        c:\nbnhtt.exe
        855⤵
        
        PID:1448
        
        \??\c:\ddpdd.exe
        
        c:\ddpdd.exe
        856⤵
        
        PID:2648
        
        \??\c:\5jvvd.exe
        
        c:\5jvvd.exe
        857⤵
        
        PID:2468
        
        \??\c:\fxfrxxl.exe
        
        c:\fxfrxxl.exe
        858⤵
        
        PID:1548
        
        \??\c:\frrrrlr.exe
        
        c:\frrrrlr.exe
        859⤵
        
        PID:884
        
        \??\c:\htbhht.exe
        
        c:\htbhht.exe
        860⤵
        
        PID:2792
        
        \??\c:\1jdpd.exe
        
        c:\1jdpd.exe
        861⤵
        
        PID:2776
        
        \??\c:\pdpjp.exe
        
        c:\pdpjp.exe
        862⤵
        
        PID:3040
        
        \??\c:\5rlrxll.exe
        
        c:\5rlrxll.exe
        863⤵
        
        PID:1576
        
        \??\c:\9lxxxrx.exe
        
        c:\9lxxxrx.exe
        864⤵
        
        PID:2756
        
        \??\c:\tnbbhn.exe
        
        c:\tnbbhn.exe
        865⤵
        
        PID:2852
        
        \??\c:\nnbhnt.exe
        
        c:\nnbhnt.exe
        866⤵
        
        PID:1712
        
        \??\c:\pjdjj.exe
        
        c:\pjdjj.exe
        867⤵
        
        PID:2980
        
        \??\c:\vpjpd.exe
        
        c:\vpjpd.exe
        868⤵
        
        PID:2164
        
        \??\c:\xrflxfl.exe
        
        c:\xrflxfl.exe
        869⤵
        
        PID:2960
        
        \??\c:\thttbb.exe
        
        c:\thttbb.exe
        870⤵
        
        PID:1672
        
        \??\c:\hthhbn.exe
        
        c:\hthhbn.exe
        871⤵
        
        PID:2040
        
        \??\c:\jdvvj.exe
        
        c:\jdvvj.exe
        872⤵
        
        PID:1452
        
        \??\c:\3jvvj.exe
        
        c:\3jvvj.exe
        873⤵
        
        PID:656
        
        \??\c:\lfxfflr.exe
        
        c:\lfxfflr.exe
        874⤵
        
        PID:2512
        
        \??\c:\3fllxxx.exe
        
        c:\3fllxxx.exe
        875⤵
        
        PID:1200
        
        \??\c:\tnbtbn.exe
        
        c:\tnbtbn.exe
        876⤵
        
        PID:1248
        
        \??\c:\ppddd.exe
        
        c:\ppddd.exe
        877⤵
        
        PID:1620
        
        \??\c:\vpdjd.exe
        
        c:\vpdjd.exe
        878⤵
        
        PID:1332
        
        \??\c:\rfrffxr.exe
        
        c:\rfrffxr.exe
        879⤵
        
        PID:2008
        
        \??\c:\fxlfrxf.exe
        
        c:\fxlfrxf.exe
        880⤵
        
        PID:1836
        
        \??\c:\nhhntt.exe
        
        c:\nhhntt.exe
        881⤵
        
        PID:2820
        
        \??\c:\7nnnbt.exe
        
        c:\7nnnbt.exe
        882⤵
        
        PID:580
        
        \??\c:\dvjjp.exe
        
        c:\dvjjp.exe
        883⤵
        
        PID:2220
        
        \??\c:\rfxfflf.exe
        
        c:\rfxfflf.exe
        884⤵
        
        PID:1624
        
        \??\c:\lffxrrr.exe
        
        c:\lffxrrr.exe
        885⤵
        
        PID:1940
        
        \??\c:\nnbhbb.exe
        
        c:\nnbhbb.exe
        886⤵
        
        PID:3044
        
        \??\c:\hthntt.exe
        
        c:\hthntt.exe
        887⤵
        
        PID:1736
        
        \??\c:\pjdjp.exe
        
        c:\pjdjp.exe
        888⤵
        
        PID:2488
        
        \??\c:\3xlfxrf.exe
        
        c:\3xlfxrf.exe
        889⤵
        
        PID:868
        
        \??\c:\lxxffxx.exe
        
        c:\lxxffxx.exe
        890⤵
        
        PID:1680
        
        \??\c:\bthnnh.exe
        
        c:\bthnnh.exe
        891⤵
        
        PID:1656
        
        \??\c:\dvvjd.exe
        
        c:\dvvjd.exe
        892⤵
        
        PID:1224
        
        \??\c:\3vjdd.exe
        
        c:\3vjdd.exe
        893⤵
        
        PID:2480
        
        \??\c:\rlxflff.exe
        
        c:\rlxflff.exe
        894⤵
        
        PID:1640
        
        \??\c:\xrrfflr.exe
        
        c:\xrrfflr.exe
        895⤵
        
        PID:2492
        
        \??\c:\bntbnn.exe
        
        c:\bntbnn.exe
        896⤵
        
        PID:2076
        
        \??\c:\nhbhnn.exe
        
        c:\nhbhnn.exe
        897⤵
        
        PID:2856
        
        \??\c:\jdvjp.exe
        
        c:\jdvjp.exe
        898⤵
        
        PID:2456
        
        \??\c:\rlxffxf.exe
        
        c:\rlxffxf.exe
        899⤵
        
        PID:2784
        
        \??\c:\fxllrrx.exe
        
        c:\fxllrrx.exe
        900⤵
        
        PID:1688
        
        \??\c:\bnbnbb.exe
        
        c:\bnbnbb.exe
        901⤵
        
        PID:1572
        
        \??\c:\7bhbtt.exe
        
        c:\7bhbtt.exe
        902⤵
        
        PID:2760
        
        \??\c:\3vdjp.exe
        
        c:\3vdjp.exe
        903⤵
        
        PID:2808
        
        \??\c:\frffllx.exe
        
        c:\frffllx.exe
        904⤵
        
        PID:2180
        
        \??\c:\fxrlxfl.exe
        
        c:\fxrlxfl.exe
        905⤵
        
        PID:2844
        
        \??\c:\5hthnn.exe
        
        c:\5hthnn.exe
        906⤵
        
        PID:2640
        
        \??\c:\thbtbt.exe
        
        c:\thbtbt.exe
        907⤵
        
        PID:2724
        
        \??\c:\djvvd.exe
        
        c:\djvvd.exe
        908⤵
        
        PID:1780
        
        \??\c:\frfrllx.exe
        
        c:\frfrllx.exe
        909⤵
        
        PID:2604
        
        \??\c:\1rxxxfl.exe
        
        c:\1rxxxfl.exe
        910⤵
        
        PID:2564
        
        \??\c:\lxlxxfl.exe
        
        c:\lxlxxfl.exe
        911⤵
        System Location Discovery: System Language Discovery
        
        PID:2656
        
        \??\c:\nhnnbb.exe
        
        c:\nhnnbb.exe
        912⤵
        
        PID:2496
        
        \??\c:\7bnbnt.exe
        
        c:\7bnbnt.exe
        913⤵
        
        PID:2712
        
        \??\c:\vpdjj.exe
        
        c:\vpdjj.exe
        914⤵
        
        PID:2968
        
        \??\c:\5vdvv.exe
        
        c:\5vdvv.exe
        915⤵
        
        PID:1116
        
        \??\c:\lfxfffl.exe
        
        c:\lfxfffl.exe
        916⤵
        
        PID:1900
        
        \??\c:\3xxrxxf.exe
        
        c:\3xxrxxf.exe
        917⤵
        
        PID:2520
        
        \??\c:\xxrxflx.exe
        
        c:\xxrxflx.exe
        918⤵
        
        PID:2088
        
        \??\c:\1hnhhb.exe
        
        c:\1hnhhb.exe
        919⤵
        
        PID:1204
        
        \??\c:\nbhhhn.exe
        
        c:\nbhhhn.exe
        920⤵
        
        PID:2316
        
        \??\c:\3djdj.exe
        
        c:\3djdj.exe
        921⤵
        
        PID:2080
        
        \??\c:\9jddp.exe
        
        c:\9jddp.exe
        922⤵
        
        PID:1296
        
        \??\c:\9flffxx.exe
        
        c:\9flffxx.exe
        923⤵
        System Location Discovery: System Language Discovery
        
        PID:1776
        
        \??\c:\7rfxxxx.exe
        
        c:\7rfxxxx.exe
        924⤵
        
        PID:2424
        
        \??\c:\5rxxlll.exe
        
        c:\5rxxlll.exe
        925⤵
        
        PID:1904
        
        \??\c:\tnbbhh.exe
        
        c:\tnbbhh.exe
        926⤵
        
        PID:2892
        
        \??\c:\bbnntb.exe
        
        c:\bbnntb.exe
        927⤵
        
        PID:1092
        
        \??\c:\ddppp.exe
        
        c:\ddppp.exe
        928⤵
        
        PID:2932
        
        \??\c:\hbhhhh.exe
        
        c:\hbhhhh.exe
        929⤵
        
        PID:2024
        
        \??\c:\dpvvv.exe
        
        c:\dpvvv.exe
        930⤵
        
        PID:1400
        
        \??\c:\xrfffxx.exe
        
        c:\xrfffxx.exe
        931⤵
        
        PID:2748
        
        \??\c:\pjvvd.exe
        
        c:\pjvvd.exe
        932⤵
        
        PID:3020
        
        \??\c:\jppdj.exe
        
        c:\jppdj.exe
        933⤵
        System Location Discovery: System Language Discovery
        
        PID:3056
        
        \??\c:\7flxxlx.exe
        
        c:\7flxxlx.exe
        934⤵
        
        PID:1028
        
        \??\c:\nnbbnn.exe
        
        c:\nnbbnn.exe
        935⤵
        
        PID:3024
        
        \??\c:\htbbhb.exe
        
        c:\htbbhb.exe
        936⤵
        
        PID:2504
        
        \??\c:\jdjjj.exe
        
        c:\jdjjj.exe
        937⤵
        
        PID:320
        
        \??\c:\xrfflxf.exe
        
        c:\xrfflxf.exe
        938⤵
        
        PID:2992
        
        \??\c:\7rflrxx.exe
        
        c:\7rflrxx.exe
        939⤵
        
        PID:892
        
        \??\c:\9tbbhn.exe
        
        c:\9tbbhn.exe
        940⤵
        
        PID:2188
        
        \??\c:\btnttb.exe
        
        c:\btnttb.exe
        941⤵
        
        PID:1536
        
        \??\c:\jvpdj.exe
        
        c:\jvpdj.exe
        942⤵
        
        PID:1636
        
        \??\c:\vpdjp.exe
        
        c:\vpdjp.exe
        943⤵
        
        PID:1788
        
        \??\c:\frxrxrx.exe
        
        c:\frxrxrx.exe
        944⤵
        
        PID:1848
        
        \??\c:\1bbbhh.exe
        
        c:\1bbbhh.exe
        945⤵
        
        PID:1692
        
        \??\c:\bbntbn.exe
        
        c:\bbntbn.exe
        946⤵
        
        PID:2772
        
        \??\c:\3ddpv.exe
        
        c:\3ddpv.exe
        947⤵
        
        PID:2160
        
        \??\c:\lfllxlr.exe
        
        c:\lfllxlr.exe
        948⤵
        
        PID:2668
        
        \??\c:\5xlffxx.exe
        
        c:\5xlffxx.exe
        949⤵
        
        PID:2792
        
        \??\c:\btnntb.exe
        
        c:\btnntb.exe
        950⤵
        
        PID:2676
        
        \??\c:\jpvjv.exe
        
        c:\jpvjv.exe
        951⤵
        
        PID:3040
        
        \??\c:\vvpdp.exe
        
        c:\vvpdp.exe
        952⤵
        
        PID:2612
        
        \??\c:\7lffllr.exe
        
        c:\7lffllr.exe
        953⤵
        
        PID:2756
        
        \??\c:\xrxrrrf.exe
        
        c:\xrxrrrf.exe
        954⤵
        
        PID:2660
        
        \??\c:\hbtntt.exe
        
        c:\hbtntt.exe
        955⤵
        
        PID:1712
        
        \??\c:\jdvvv.exe
        
        c:\jdvvv.exe
        956⤵
        
        PID:2544
        
        \??\c:\vpjdj.exe
        
        c:\vpjdj.exe
        957⤵
        
        PID:1480
        
        \??\c:\rlfrffx.exe
        
        c:\rlfrffx.exe
        958⤵
        
        PID:2428
        
        \??\c:\bnbtbb.exe
        
        c:\bnbtbb.exe
        959⤵
        
        PID:2476
        
        \??\c:\hthhnn.exe
        
        c:\hthhnn.exe
        960⤵
        
        PID:1880
        
        \??\c:\pjvjd.exe
        
        c:\pjvjd.exe
        961⤵
        
        PID:1452
        
        \??\c:\9frxlrx.exe
        
        c:\9frxlrx.exe
        962⤵
        
        PID:2244
        
        \??\c:\xxrxffr.exe
        
        c:\xxrxffr.exe
        963⤵
        
        PID:1908
        
        \??\c:\nhnnht.exe
        
        c:\nhnnht.exe
        964⤵
        
        PID:1832
        
        \??\c:\jvjdp.exe
        
        c:\jvjdp.exe
        965⤵
        
        PID:1500
        
        \??\c:\ddvvd.exe
        
        c:\ddvvd.exe
        966⤵
        
        PID:2340
        
        \??\c:\lfrlllx.exe
        
        c:\lfrlllx.exe
        967⤵
        
        PID:2596
        
        \??\c:\1bnnnh.exe
        
        c:\1bnnnh.exe
        968⤵
        
        PID:2884
        
        \??\c:\btntbh.exe
        
        c:\btntbh.exe
        969⤵
        
        PID:880
        
        \??\c:\1jvdp.exe
        
        c:\1jvdp.exe
        970⤵
        
        PID:668
        
        \??\c:\5vjvd.exe
        
        c:\5vjvd.exe
        971⤵
        
        PID:2632
        
        \??\c:\fxrlfxx.exe
        
        c:\fxrlfxx.exe
        972⤵
        
        PID:2408
        
        \??\c:\nnbhnb.exe
        
        c:\nnbhnb.exe
        973⤵
        
        PID:2252
        
        \??\c:\ddpdj.exe
        
        c:\ddpdj.exe
        974⤵
        
        PID:740
        
        \??\c:\jdvdj.exe
        
        c:\jdvdj.exe
        975⤵
        
        PID:356
        
        \??\c:\fxrrffl.exe
        
        c:\fxrrffl.exe
        976⤵
        
        PID:3036
        
        \??\c:\hbhtbh.exe
        
        c:\hbhtbh.exe
        977⤵
        
        PID:2488
        
        \??\c:\nbnntn.exe
        
        c:\nbnntn.exe
        978⤵
        
        PID:2896
        
        \??\c:\5pjdj.exe
        
        c:\5pjdj.exe
        979⤵
        
        PID:408
        
        \??\c:\pjvvv.exe
        
        c:\pjvvv.exe
        980⤵
        
        PID:2112
        
        \??\c:\lrlrflf.exe
        
        c:\lrlrflf.exe
        981⤵
        
        PID:1224
        
        \??\c:\hthntn.exe
        
        c:\hthntn.exe
        982⤵
        
        PID:2400
        
        \??\c:\1hbntb.exe
        
        c:\1hbntb.exe
        983⤵
        
        PID:1708
        
        \??\c:\pdvvd.exe
        
        c:\pdvvd.exe
        984⤵
        
        PID:2304
        
        \??\c:\rfrxffl.exe
        
        c:\rfrxffl.exe
        985⤵
        
        PID:2492
        
        \??\c:\xlrxfxf.exe
        
        c:\xlrxfxf.exe
        986⤵
        
        PID:2076
        
        \??\c:\5bnbnt.exe
        
        c:\5bnbnt.exe
        987⤵
        
        PID:2856
        
        \??\c:\jddjp.exe
        
        c:\jddjp.exe
        988⤵
        
        PID:2456
        
        \??\c:\dpddj.exe
        
        c:\dpddj.exe
        989⤵
        
        PID:3028
        
        \??\c:\frffffl.exe
        
        c:\frffffl.exe
        990⤵
        
        PID:1848
        
        \??\c:\tnbntt.exe
        
        c:\tnbntt.exe
        991⤵
        
        PID:1688
        
        \??\c:\7ntnhh.exe
        
        c:\7ntnhh.exe
        992⤵
        
        PID:2760
        
        \??\c:\9pvvd.exe
        
        c:\9pvvd.exe
        993⤵
        
        PID:2160
        
        \??\c:\lffflxx.exe
        
        c:\lffflxx.exe
        994⤵
        
        PID:2556
        
        \??\c:\fxlxxxr.exe
        
        c:\fxlxxxr.exe
        995⤵
        
        PID:2792
        
        \??\c:\hhttbb.exe
        
        c:\hhttbb.exe
        996⤵
        
        PID:2676
        
        \??\c:\jvddv.exe
        
        c:\jvddv.exe
        997⤵
        
        PID:3040
        
        \??\c:\jjddp.exe
        
        c:\jjddp.exe
        998⤵
        
        PID:1780
        
        \??\c:\xxffflr.exe
        
        c:\xxffflr.exe
        999⤵
        
        PID:2756
        
        \??\c:\bttttb.exe
        
        c:\bttttb.exe
        1000⤵
        
        PID:2660
        
        \??\c:\pdvdv.exe
        
        c:\pdvdv.exe
        1001⤵
        
        PID:1712
        
        \??\c:\pdddd.exe
        
        c:\pdddd.exe
        1002⤵
        
        PID:2544
        
        \??\c:\rfxfflr.exe
        
        c:\rfxfflr.exe
        1003⤵
        
        PID:1480
        
        \??\c:\1ntnnn.exe
        
        c:\1ntnnn.exe
        1004⤵
        
        PID:2968
        
        \??\c:\7djjj.exe
        
        c:\7djjj.exe
        1005⤵
        
        PID:2476
        
        \??\c:\9jvvv.exe
        
        c:\9jvvv.exe
        1006⤵
        
        PID:1900
        
        \??\c:\frfxfff.exe
        
        c:\frfxfff.exe
        1007⤵
        
        PID:1452
        
        \??\c:\hhbntb.exe
        
        c:\hhbntb.exe
        1008⤵
        
        PID:2088
        
        \??\c:\tnbtbb.exe
        
        c:\tnbtbb.exe
        1009⤵
        
        PID:1908
        
        \??\c:\pjpvd.exe
        
        c:\pjpvd.exe
        1010⤵
        
        PID:1832
        
        \??\c:\xrfxffr.exe
        
        c:\xrfxffr.exe
        1011⤵
        
        PID:1856
        
        \??\c:\1xrxflx.exe
        
        c:\1xrxflx.exe
        1012⤵
        
        PID:1764
        
        \??\c:\9thnth.exe
        
        c:\9thnth.exe
        1013⤵
        
        PID:808
        
        \??\c:\9jdjd.exe
        
        c:\9jdjd.exe
        1014⤵
        
        PID:2884
        
        \??\c:\ddddp.exe
        
        c:\ddddp.exe
        1015⤵
        
        PID:1532
        
        \??\c:\fxlrrxf.exe
        
        c:\fxlrrxf.exe
        1016⤵
        
        PID:896
        
        \??\c:\ttnnht.exe
        
        c:\ttnnht.exe
        1017⤵
        
        PID:2720
        
        \??\c:\pdjjj.exe
        
        c:\pdjjj.exe
        1018⤵
        
        PID:2408
        
        \??\c:\dvddj.exe
        
        c:\dvddj.exe
        1019⤵
        
        PID:2252
        
        \??\c:\xxrxfxf.exe
        
        c:\xxrxfxf.exe
        1020⤵
        
        PID:1592
        
        \??\c:\nbhbhh.exe
        
        c:\nbhbhh.exe
        1021⤵
        
        PID:356
        
        \??\c:\bhbnth.exe
        
        c:\bhbnth.exe
        1022⤵
        
        PID:1608
        
        \??\c:\vvpdp.exe
        
        c:\vvpdp.exe
        1023⤵
        
        PID:2488
        
        \??\c:\9jvvv.exe
        
        c:\9jvvv.exe
        1024⤵
        
        PID:1344

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\3htbbb.exe

Filesize
332KB

MD5
8be3eafbab31849632913c15e23f1cae

SHA1
9beadc513039491a7c7a1dae6db7d7fcbb7fb424

SHA256
4792b18be50fdc2b256c1ac1e79118be96adae838a184ca6ce3718ea25cdbdfd

SHA512
7a73c5549f3aced838aeea5e1e31ee0802f04853c2c166d77b9b6653476462d76ca937bd40357732dc9fa5ca525e8c3e393e124b3374daf2b237417b2a2af1ba

Download Submit
C:\3llfxxx.exe

Filesize
332KB

MD5
7d45c7b390e74c381b09fa0f637a8fe7

SHA1
4d171e9fd3870bd0b04d786d37481426196b0913

SHA256
95b58468da6f6c8b98b9ce27ed38a613494b367e7d70f76b4d3d5bcbfdd222a0

SHA512
835ecc1c674692ca24a2dbf5f2636ac15a990ad4dd05db1b2e3111b037d4759b5a42b921d233c952394742b18cface66318bdbf32f8838bc4f251d4fc8658152

Download Submit
C:\5htttb.exe

Filesize
332KB

MD5
f36bcd881e77d80d75f2bac48d5d4b9c

SHA1
3e7e5b5d393db6a5be88a5af888f7e0720968aaa

SHA256
68f3db6e56ad216ad6f9feaa73c4f06d8c560b3b2ebee81a1d29b92b57a5ced2

SHA512
f5c440a02445067ebac9b801ade2e9d79b67f52b5ce21cd1767d83424dad5fcf23bf0fcf39114e7281c942d09443e457acd1ad36e5190970962b7854a682fba8

Download Submit
C:\5pjpv.exe

Filesize
332KB

MD5
364c704badd56171155a960a93ee8f8f

SHA1
f3d328628d924a16963000fbb248791cf17928a9

SHA256
57444e1b3fe0237e2d64e707bfe86a769f93458db22a3f123c9d7cbe0a677b5d

SHA512
caff08103423a9bced558478c6f4780ccdc2b62b0db78c5784cf182856852c5b23d7f88b810a9d9261647af81f915f9208241445db9c51d115fcf360d783eb6d

Download Submit
C:\5vjvp.exe

Filesize
332KB

MD5
4c3c1a1fc571011daa24ad9a74cbdab2

SHA1
1c9438c333ef9b0d1983e363fa73e2bc44a95b24

SHA256
ea003622b596f8c1fcd8999ee8412e2fe21746df0aa340aee9a3c52067ffa30e

SHA512
00c57d68a83133e0d2a92dc30d3b742d76ac796c828c4828050eb9721a0cbb94ac91ee870271a23a6aeb54fa06d7fa14272a0a6b539d6e683f50b4bbd4c52c2b

Download Submit
C:\5xfflrf.exe

Filesize
332KB

MD5
03e7555898ba0bca42b0ee96cd473c5b

SHA1
95900f93d295aeca7fd200d93f1f75457eeabe2f

SHA256
09f00f0b25351ce120da036a62863b11e5b003aa31b19f483daeb485c3c3a639

SHA512
b8eb32c855c94a3cf86ed6ae1bbab0495bc05af1053d0e9f04053c8295867a3c47087f3a3ac1a181eed395a71866a20cf5a2e7d6833b971430de569442e3721a

Download Submit
C:\bbnbhn.exe

Filesize
332KB

MD5
0d612bfa6ee3e3382dd20136921698fe

SHA1
5c2af4da8a07ea5855881fda3e3df08e08ca956f

SHA256
e057107ce1e4f3a1c5db9cade90b2c531c09ad0ce2ae927f05a4e0cfce6843ad

SHA512
7cfb548679871277e26b7f6d8a86cb84c75fece13a40fa5136ef2a03bf97269f2adc1d4fbe6e76b7ba6bdb471d46a82f1712f9c1676bffe6fbbc57d0ab2a89be

Download Submit
C:\bthntt.exe

Filesize
332KB

MD5
3fd07a52513b5baa73b05ed050e66750

SHA1
e41d030ee1e6a7c69b3244f9fb232b075bc202ae

SHA256
8a70d29ea79d3eb97217e96ed97bd39b12d59027a77c054f1b026442a95629bd

SHA512
6d0fe749d76c5bbf484fabba2f66d242294195f58574512ba753fcb4aaef842561b0964fb8d8f6f72145fcf5fa6eedf24f48ba29c864ec7015fdbbf774baa7ce

Download Submit
C:\ddjpd.exe

Filesize
332KB

MD5
cbf8fb97797b614a9de785e3808b51bf

SHA1
a287d1c58cfc9fc3e1cfb2c15baf2e8279d5722d

SHA256
f8ca4145774b54ace004bb6608f685ae125d22935e86540ecb9f6ec3ab309cc3

SHA512
7f4edda0bb181be49e89c00fafabfdecdbff2e25d34c562f7031f7d454976059a2d6bd3bedd9acf91320000c6d508d64769464e055c578a90250840e12688de3

Download Submit
C:\ddpdp.exe

Filesize
332KB

MD5
348afc43a74a34cbd823c951ba0835a5

SHA1
03df78361cc5663ee0e37c04761847e9f32f7457

SHA256
24fbd95abb56b7feb28a092ba2f473caa89dc794f6d1c53807c95f0183aeb626

SHA512
ac648b87ea0c9376a5933a8b0382660dbb24834f2d7566633e7d5bee8869ab8e25dbc035fa7aa257a5a8a01341f541fa2e19bf2cdb4f1b6ed4a012e5e49608bc

Download Submit
C:\dvjpd.exe

Filesize
332KB

MD5
e2e4792bd7dd9077896c8f483990bf17

SHA1
ae9fb100f8fe11a3125c80187f1f7d2bbb5a2d16

SHA256
4ff7abd714fd2d2b3ec7575cfc4513fb49b729724e1fc93f3838fc84223263bc

SHA512
6b20638d9d5996254627909ae76bb518576067b2c16d7c1d75d01394372ffe897efa8f17b2b00678b6ba4db665521b07ff5258fe092b02467296fb45005340a8

Download Submit
C:\ffxrxxf.exe

Filesize
332KB

MD5
7fc6215a01363c4f59ef80ae0d6d3ea2

SHA1
20d4b9a1e0b7bc3dac252dc999a052ccddbc655c

SHA256
68496403119647adc6abad99de07cfe3543182c76411df6265caa3d6bc35542a

SHA512
467126bbd31f1bbb493380563472ab1d6b78ba3a8e980e02b3b573ceb737be480c5ec298d1e72c2ae7f4b09184ab4fa390612ab990e9879ed8ea611ff077b2ff

Download Submit
C:\hbnthn.exe

Filesize
332KB

MD5
640e929ef921fa7408cf458a89aa3b0b

SHA1
045bebdeadd60d5aaad9989bedac16ca3812a146

SHA256
cd7ad66d6cb747f3d85eca424b22a07c1fc74a3adf3cc74414009ea8863ba393

SHA512
fd8d0edddc185f08f9e9821aef7832a18ed4c707c510183a4b05c67f5f3ae25840d0f4f4f9b3b9301a6c10160a1445c3c8b1453795c501936876afca742651ef

Download Submit
C:\hbttnb.exe

Filesize
332KB

MD5
01abeb767ebe4452da9631fba9b5d5f9

SHA1
b14f239772d252abd72602f904773de94b0af2fb

SHA256
6b656aff92b0b77c36a7d8139ebf6e8304c6833493d4f021ace5aff5926f6a68

SHA512
ede3787c99a877f1fa3b044274825d3fd46e72f03129c692965cf5df5a7bcfae92682273740e757662203ecfd33ec56c7d0571c2c0ba6c79fad6535ccd85c970

Download Submit
C:\hhtnbh.exe

Filesize
332KB

MD5
cbcdcd8b274e3b7ff7e5ad85178c4fb5

SHA1
6d716f9ae743dd2ad664e30bfe13887f7952fcb8

SHA256
5e62a49b75003607790e88657e20cc19d4756718bceefd19cc8c43106e551e3a

SHA512
88c6a66c733c4f6c3efcef1306c6044c9581d5f3540d02b1a8215e6035445111cb98b406d7ec9caa387550e0e27a923d6cc981d018db7ca156889d23d93acf13

Download Submit
C:\jjdvj.exe

Filesize
332KB

MD5
db9a1e5b3c6e1a7e59f41137d3d96c7f

SHA1
fb1bbfd60f584954a09e112dd5410e89a9b714c4

SHA256
494f17dcc2ed21499432da1cf2ece8bb8768382c2fc58f12e7b0b2b87357d116

SHA512
9625e01ff94f1c96e3670f9523be3257da56c99f47afa844ec3f5aa8c897b74544d664e2d285fe4658e3d576bacd788e2bb26d2173b778946ba90b744d6f2662

Download Submit
C:\lfxrxxf.exe

Filesize
332KB

MD5
1fccc849dfc970904752ff7ffd631a44

SHA1
222a6f4bf5a7ff824471e5694f04ecb39ec7f27f

SHA256
a89a7189968ac6618cd4be2cf7a64ac1be4fa039cdfe27fd88320f88e06302a2

SHA512
0b98d5330bfb2229ecf01a54e30a8549120997c6ca5991e7ab738b953f49ff324c4a4c81d64801ec283a4886fe4ec97a5057c3e90c4fdf185b9e6108223ee4d8

Download Submit
C:\nhtntb.exe

Filesize
332KB

MD5
e70739ae4fda1e9c6b71f171162f5895

SHA1
8f001b187d7f30a418ac1605d9d683b6c6dafdf6

SHA256
7c9803b97717603672a68591731b12ec8363ffba6920220bf4e2253a312a005b

SHA512
98dc89e9bce5da5fca128c902a97a53c9338a0833675b5ab9bdebb9c0da4a2b6c559dac44ede603e37143876646b3b2062321ef2814fce7fa8f0ff25597d1912

Download Submit
C:\pjdpp.exe

Filesize
332KB

MD5
c60cce8d5ab031db3efc7f0c51f00aae

SHA1
2bbefef1fb2247ee0166aae98c9798a413b38327

SHA256
002cc2198e1ecb6ca6b9e9e537701f8411b350cfc0475c4208fce40d43c507ed

SHA512
dca9f43c19f0f79a2d16f23e7ad3231c4c78e706238c82877e343b74aa7a927b38857ebe47d707b2f2abac8edd75b487c7fe1dba186f26b5f916e59055b1d969

Download Submit
C:\pjvvd.exe

Filesize
332KB

MD5
faba5cbb7d9a6dcf8cdb584fcef0975e

SHA1
f0292b234688197f99a79a0809a36cd02df25e49

SHA256
3ca0c736271f1c75d3500f835d3220d34bf275669b8049934d71bf0736c2eb1b

SHA512
ef54f95328846d131ed199b92815fa1264832f2ffa8ba34eddfa5e190bb7615d47c04b5d2bea89fc4e7a70df64d27d7599d90776c42e7c7d7ee1061fbb428ba2

Download Submit
C:\pppvv.exe

Filesize
332KB

MD5
05710d4dfc0d7e454eee495aff96ad1f

SHA1
dca75df238a316e632f0a916019244f15ffea8bf

SHA256
c25641f4edf9c7c398846333ed3d55d25fa2445c6fd813570e49f3c4d4d03af2

SHA512
e8b6bf27dc172cdc891bccdb2e2e2ea59440624c802491bc8483b8e7df42d8d3527c2f6b937c535dfad1d85cc23aef662d312e8d3899303079f4f46bfefcecbe

Download Submit
C:\pvppd.exe

Filesize
332KB

MD5
5201b157b60429486dadd4b96901e0d9

SHA1
1b849b3ad3331b0d56849ae7138c1268528b4f75

SHA256
aaa1f611265166d5c431183e75024c9ca2feedd73b48d7c709e85045052eae78

SHA512
c8d63b65ad0d637259bb4ce114d34f04e4f0f55ec26f407029b08f405c0bbe56c0ee04f8bbbbec55e966d5122e9ee96e272c1c3e5bc60757385dec2ab0080014

Download Submit
C:\rffxxrf.exe

Filesize
332KB

MD5
2d104746c8ff004dcd8ba011d6a7f27c

SHA1
2ec762a5795820aaf30980dfd7917026534affda

SHA256
1c1028415ccd3c0aa45edef2595d0cdcc515a7f2c22cab0d80d9fdafeefeb199

SHA512
1b53b27f14a6f0a898fbc5d607f2c8b343b81dca0a61fef7ce92215d7a6ccb73830321d9c85a5fedf7e9d501fd400585a9333dd14d2f96740eff4ebeb29d2f28

Download Submit
C:\rlfxllx.exe

Filesize
332KB

MD5
2cf1293f5cbfb18a21542ca939828251

SHA1
a4cecebcd05d5663f0cc9aa663207f61ae6b9f6c

SHA256
6e1e39dbe3f62095904d982988e987260c722c752fe6e0041cbc3ad71201ee78

SHA512
d6a25062fa7218e6ce5a4de84ae69fde39d62ac7dd13456059d421a7796df788ad9d0ed611cb974e50e73fc101ac99216f9ab79c5c5f13d457cd3ba351b36b04

Download Submit
C:\tnbhtt.exe

Filesize
332KB

MD5
c5f8ca91751641f954b3e859ed3335aa

SHA1
d2d2c704c47ec4d047941ac3314eb6db2a936e79

SHA256
371b91e244c76e7234318a657953cfcfdbce0c5ebbad2bdb5725bcea0fea88c2

SHA512
77c3dd8e4315403b39f67479132f96b8848db40718057d0a1604287943460f105f13130f5bfbe5fc9ddaeed76e68b34a917adf4a5e409a8a2a615d61399b54b7

Download Submit
C:\vpdjv.exe

Filesize
332KB

MD5
6136ebd1cc4377b579927fd826439852

SHA1
9a02be71f63f434c24e77c7fa420cd927888f087

SHA256
9b1e23db8c6263c962b05a0c7c6f975f70fcc9bf5b6fd6b63d3444f012f55a97

SHA512
7bb6b26056bd152b56e4e766bcf47f1b393871cd81d3305ca76696e48de1aee7882ff0c18ca9eb8822971f51719e1719826cf0fb7eb344a85375ef621c2a7350

Download Submit
C:\vvjvj.exe

Filesize
332KB

MD5
972a904bbfcc965857c4568d95b90545

SHA1
2193bd28cf668ee77e678b014335598fdf416d1b

SHA256
cc9ef291a2e7742c27b750f02724b905814de55d7db4e5d8fa81abc819b7a5d4

SHA512
0c16438244d2fd0575882bd573baf344fce2ec63e1632175b45bd5c60d82fd0db8c11edaf5e0e72cda69003da5d8e4b6b6e1f66f010277b4dfde5683dae89598

Download Submit
C:\vvppp.exe

Filesize
332KB

MD5
c92f5b108465baa3712e84ee2d5c033b

SHA1
6d3c040e1badd835686502f16b1bb747d962d0fa

SHA256
54e4e0b162406bdcb08ae1eab94154fdafa800e58a45bf46942116b8153c3402

SHA512
36b986fa8251fdfd04e84bcc48ce6171f2bd047e4643c1840d4579bc41675e01d081fbb2ac7d345c5f65792a87c2dd643e4efb76114d572532300d9fea4634ab

Download Submit
C:\xrlxflr.exe

Filesize
332KB

MD5
5a128a4b17a24524b613b7f6bcb99aaf

SHA1
da26d51db10452d8fd0609abb5b08c45f0632ac1

SHA256
3607df15274bd46cad57cc6f436696b1953d9c306f3a4afab1017f9e4c2731ee

SHA512
a60175c59ae9f074692f6b7023918765a65786166aaf80ffe04ebc422e46f8faaace28afd14c11b2880a777ba580d8f0d5bb8aa2699ce4547cdff41159d1540f

Download Submit
C:\xrxxlrf.exe

Filesize
332KB

MD5
4b058de9f5f825899eaff0ec5a3b8f28

SHA1
bcb2988351eaec3c825009cc7e4946f4d2d51cb8

SHA256
34517bdf7174fbf46027c358c16711dbc92ead9a770e0ac44bdc5035ae51656f

SHA512
132a44e6b526e75fd1a9816746f5663ec6c55e17b33540c77c401202321e52c29ff08dfc9701dd62c7a01333972db61b9557b5c53a5b4303dd6fd133a07ddb9b

Download Submit
C:\xxlxllf.exe

Filesize
332KB

MD5
62a93767380fbfbf95ecdc1a4a893efd

SHA1
a20385a41467bc8e43d9777c743fa07ba4514b7f

SHA256
e363f7136a4ff151066199ff5d821e3bc048678f253691304c3c80e7ae534224

SHA512
0c8ecd610d9ca69ce4db407865b567c907fd468b89bdd1cfab42bc5a4613cfc0f9ccf96faa61e3185d79c4cabf6ed94b31755bd441ff160371e75df242c3c42f

Download Submit
\??\c:\5nbhth.exe

Filesize
332KB

MD5
9076cb47d0d96bfc619041c828782cfb

SHA1
25085a4315a953f753cbc7287435b83983886136

SHA256
33a193e9f2b0a2c6bf54b1467ad96c49a1b7d81073b2e525c6ab7cd17692ec1d

SHA512
378a0ea6ce9ce908d42011da075b208d544afcbb5590b433efdcf64fff799facff9975fa13a7b813e1ffba0472c662b1ee41925c2cfd71f71d79c77dc5154b6b

Download Submit
memory/236-130-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/236-133-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/400-692-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/408-759-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/408-761-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/620-397-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/796-437-0x00000000002B0000-0x00000000002DA000-memory.dmp

Filesize
168KB

Download
memory/796-438-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/948-518-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1000-277-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1040-243-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1088-423-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/1212-286-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1248-410-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1264-653-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1268-123-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1268-121-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1280-691-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1452-476-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1476-369-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1476-83-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1476-85-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1536-801-0x00000000003A0000-0x00000000003CA000-memory.dmp

Filesize
168KB

Download
memory/1548-303-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1580-563-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1592-450-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1624-160-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1656-217-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1656-497-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1656-775-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1656-773-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1656-215-0x0000000000230000-0x000000000025A000-memory.dmp

Filesize
168KB

Download
memory/1748-170-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/1784-553-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1792-788-0x00000000002C0000-0x00000000002EA000-memory.dmp

Filesize
168KB

Download
memory/1792-507-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1848-250-0x00000000003A0000-0x00000000003CA000-memory.dmp

Filesize
168KB

Download
memory/1848-531-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/1888-641-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/1904-113-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2056-525-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2060-734-0x00000000002C0000-0x00000000002EA000-memory.dmp

Filesize
168KB

Download
memory/2060-732-0x00000000002C0000-0x00000000002EA000-memory.dmp

Filesize
168KB

Download
memory/2080-747-0x00000000002A0000-0x00000000002CA000-memory.dmp

Filesize
168KB

Download
memory/2136-490-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2160-559-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2160-561-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2208-268-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2232-188-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2232-190-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2360-383-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2364-102-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2364-104-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2388-386-0x00000000003C0000-0x00000000003EA000-memory.dmp

Filesize
168KB

Download
memory/2424-141-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2424-143-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2464-483-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2492-232-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2508-533-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2528-615-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2548-343-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2552-63-0x00000000003A0000-0x00000000003CA000-memory.dmp

Filesize
168KB

Download
memory/2552-66-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2560-601-0x00000000002C0000-0x00000000002EA000-memory.dmp

Filesize
168KB

Download
memory/2580-56-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2580-54-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2600-504-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2604-350-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2648-0-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2648-7-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2696-27-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2696-25-0x0000000000230000-0x000000000025A000-memory.dmp

Filesize
168KB

Download
memory/2712-628-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2720-430-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2728-546-0x0000000000230000-0x000000000025A000-memory.dmp

Filesize
168KB

Download
memory/2744-705-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2744-706-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2756-316-0x00000000002C0000-0x00000000002EA000-memory.dmp

Filesize
168KB

Download
memory/2756-317-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2760-10-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2764-574-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2828-151-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2840-353-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2840-46-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2840-43-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/2852-330-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2888-587-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2888-589-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2892-720-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/2892-718-0x00000000001B0000-0x00000000001DA000-memory.dmp

Filesize
168KB

Download
memory/2896-180-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2896-178-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/2944-86-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2964-69-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/3020-198-0x0000000000220000-0x000000000024A000-memory.dmp

Filesize
168KB

Download
memory/3040-35-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download