modiloader | 56a27d4fe9918b316ef49d625ab0b671376c50d5c5220cc76a3f5be08e970a0b

Analysis

max time kernel
11s
max time network
125s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
11/09/2024, 11:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe
Size

1.8MB
MD5

da36cac19bc6154d19eff33dfa68d7f6
SHA1

88087003e03b7b3a0805cc698a81044b40c99610
SHA256

56a27d4fe9918b316ef49d625ab0b671376c50d5c5220cc76a3f5be08e970a0b
SHA512

73f7666792fe4b1f0bc65ec1cd5e084fd3bb1515384907625fd94d3ff44f4098c65b51b19ab23ba07b472e87a8df73a29809a2f3f66d1f5321851f12f3ca3f12
SSDEEP

24576:YverFiJoEIGw5/F8aar8JTOANhTa7TL0w4W+xZPdpADCUIzM+iRJqTVYd/pG8vGI:1o8F8IKITD3PA+KETw/ruCj

Score

10^/10

modiloader discovery trojan

Malware Config

Signatures

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
trojan modiloader

ModiLoader Second Stage 6 IoCs

resource	yara_rule
behavioral1/files/0x000d000000012262-4.dat	modiloader_stage2
behavioral1/memory/2816-34-0x0000000049240000-0x000000004940C000-memory.dmp	modiloader_stage2
behavioral1/memory/2712-66-0x0000000049240000-0x000000004940C000-memory.dmp	modiloader_stage2
behavioral1/memory/2856-53-0x0000000049240000-0x000000004940C000-memory.dmp	modiloader_stage2
behavioral1/memory/1252-132-0x0000000049240000-0x000000004940C000-memory.dmp	modiloader_stage2
behavioral1/memory/1264-121-0x0000000049240000-0x000000004940C000-memory.dmp	modiloader_stage2

Executes dropped EXE 64 IoCs

pid	Process
2816	gliderdeploy.exe
2856	GLIDERDEPLOY.EXE
2320	SERVER.EXE
2712	GLIDERDEPLOY.EXE
2688	SERVER.EXE
1264	GLIDERDEPLOY.EXE
1104	SERVER.EXE
1252	GLIDERDEPLOY.EXE
1800	GLIDERDEPLOY.EXE
2920	SERVER.EXE
2892	SERVER.EXE
1964	GLIDERDEPLOY.EXE
2984	SERVER.EXE
2468	GLIDERDEPLOY.EXE
1304	SERVER.EXE
1656	GLIDERDEPLOY.EXE
2188	SERVER.EXE
2296	GLIDERDEPLOY.EXE
2412	SERVER.EXE
2860	GLIDERDEPLOY.EXE
1572	SERVER.EXE
2684	GLIDERDEPLOY.EXE
2608	SERVER.EXE
284	GLIDERDEPLOY.EXE
2280	SERVER.EXE
2840	GLIDERDEPLOY.EXE
2124	SERVER.EXE
1252	GLIDERDEPLOY.EXE
1336	SERVER.EXE
2880	GLIDERDEPLOY.EXE
1324	SERVER.EXE
2176	GLIDERDEPLOY.EXE
2808	SERVER.EXE
1292	GLIDERDEPLOY.EXE
1784	SERVER.EXE
2340	GLIDERDEPLOY.EXE
2920	SERVER.EXE
896	GLIDERDEPLOY.EXE
528	SERVER.EXE
1832	GLIDERDEPLOY.EXE
1656	SERVER.EXE
2968	GLIDERDEPLOY.EXE
2788	SERVER.EXE
2492	GLIDERDEPLOY.EXE
2612	SERVER.EXE
3064	GLIDERDEPLOY.EXE
2412	SERVER.EXE
2548	GLIDERDEPLOY.EXE
2236	SERVER.EXE
2812	GLIDERDEPLOY.EXE
2484	SERVER.EXE
1264	GLIDERDEPLOY.EXE
1200	SERVER.EXE
1720	GLIDERDEPLOY.EXE
808	SERVER.EXE
2756	GLIDERDEPLOY.EXE
2156	SERVER.EXE
1524	GLIDERDEPLOY.EXE
684	SERVER.EXE
1400	GLIDERDEPLOY.EXE
932	SERVER.EXE
1676	GLIDERDEPLOY.EXE
2388	SERVER.EXE
2728	GLIDERDEPLOY.EXE

Loads dropped DLL 64 IoCs

pid	Process
2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe
2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe
2816	gliderdeploy.exe
2816	gliderdeploy.exe
2816	gliderdeploy.exe
2856	GLIDERDEPLOY.EXE
2856	GLIDERDEPLOY.EXE
2856	GLIDERDEPLOY.EXE
2712	GLIDERDEPLOY.EXE
2712	GLIDERDEPLOY.EXE
2712	GLIDERDEPLOY.EXE
1264	GLIDERDEPLOY.EXE
1264	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
1264	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
1800	GLIDERDEPLOY.EXE
1800	GLIDERDEPLOY.EXE
1800	GLIDERDEPLOY.EXE
1964	GLIDERDEPLOY.EXE
1964	GLIDERDEPLOY.EXE
1964	GLIDERDEPLOY.EXE
2468	GLIDERDEPLOY.EXE
2468	GLIDERDEPLOY.EXE
2468	GLIDERDEPLOY.EXE
1656	GLIDERDEPLOY.EXE
1656	GLIDERDEPLOY.EXE
1656	GLIDERDEPLOY.EXE
2296	GLIDERDEPLOY.EXE
2296	GLIDERDEPLOY.EXE
2296	GLIDERDEPLOY.EXE
2860	GLIDERDEPLOY.EXE
2860	GLIDERDEPLOY.EXE
2860	GLIDERDEPLOY.EXE
2684	GLIDERDEPLOY.EXE
2684	GLIDERDEPLOY.EXE
2684	GLIDERDEPLOY.EXE
284	GLIDERDEPLOY.EXE
284	GLIDERDEPLOY.EXE
284	GLIDERDEPLOY.EXE
2840	GLIDERDEPLOY.EXE
2840	GLIDERDEPLOY.EXE
2840	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
1252	GLIDERDEPLOY.EXE
2880	GLIDERDEPLOY.EXE
2880	GLIDERDEPLOY.EXE
2880	GLIDERDEPLOY.EXE
2176	GLIDERDEPLOY.EXE
2176	GLIDERDEPLOY.EXE
2176	GLIDERDEPLOY.EXE
1292	GLIDERDEPLOY.EXE
1292	GLIDERDEPLOY.EXE
1292	GLIDERDEPLOY.EXE
2340	GLIDERDEPLOY.EXE
2340	GLIDERDEPLOY.EXE
2340	GLIDERDEPLOY.EXE
896	GLIDERDEPLOY.EXE
896	GLIDERDEPLOY.EXE
896	GLIDERDEPLOY.EXE
1832	GLIDERDEPLOY.EXE
1832	GLIDERDEPLOY.EXE

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	gliderdeploy.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GLIDERDEPLOY.EXE

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2320	SERVER.EXE
2320	SERVER.EXE
2688	SERVER.EXE
2688	SERVER.EXE
1104	SERVER.EXE
1104	SERVER.EXE
2920	SERVER.EXE
2920	SERVER.EXE
2892	SERVER.EXE
2892	SERVER.EXE
2984	SERVER.EXE
2984	SERVER.EXE
1304	SERVER.EXE
1304	SERVER.EXE
2188	SERVER.EXE
2188	SERVER.EXE
2412	SERVER.EXE
2412	SERVER.EXE
1572	SERVER.EXE
1572	SERVER.EXE
2608	SERVER.EXE
2608	SERVER.EXE
2280	SERVER.EXE
2280	SERVER.EXE
2124	SERVER.EXE
2124	SERVER.EXE
1336	SERVER.EXE
1336	SERVER.EXE
1324	SERVER.EXE
1324	SERVER.EXE
2808	SERVER.EXE
2808	SERVER.EXE
1784	SERVER.EXE
1784	SERVER.EXE
2920	SERVER.EXE
2920	SERVER.EXE
528	SERVER.EXE
528	SERVER.EXE
1656	SERVER.EXE
1656	SERVER.EXE
2788	SERVER.EXE
2788	SERVER.EXE
2612	SERVER.EXE
2612	SERVER.EXE
2412	SERVER.EXE
2412	SERVER.EXE
2236	SERVER.EXE
2236	SERVER.EXE
2484	SERVER.EXE
2484	SERVER.EXE
1200	SERVER.EXE
1200	SERVER.EXE
808	SERVER.EXE
808	SERVER.EXE
2156	SERVER.EXE
2156	SERVER.EXE
684	SERVER.EXE
684	SERVER.EXE
932	SERVER.EXE
932	SERVER.EXE
2388	SERVER.EXE
2388	SERVER.EXE
1832	SERVER.EXE
1832	SERVER.EXE

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2684 wrote to memory of 2816	2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe	30
PID 2684 wrote to memory of 2816	2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe	30
PID 2684 wrote to memory of 2816	2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe	30
PID 2684 wrote to memory of 2816	2684	da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe	30
PID 2816 wrote to memory of 2856	2816	gliderdeploy.exe	31
PID 2816 wrote to memory of 2856	2816	gliderdeploy.exe	31
PID 2816 wrote to memory of 2856	2816	gliderdeploy.exe	31
PID 2816 wrote to memory of 2856	2816	gliderdeploy.exe	31
PID 2816 wrote to memory of 2320	2816	gliderdeploy.exe	32
PID 2816 wrote to memory of 2320	2816	gliderdeploy.exe	32
PID 2816 wrote to memory of 2320	2816	gliderdeploy.exe	32
PID 2816 wrote to memory of 2320	2816	gliderdeploy.exe	32
PID 2856 wrote to memory of 2712	2856	GLIDERDEPLOY.EXE	33
PID 2856 wrote to memory of 2712	2856	GLIDERDEPLOY.EXE	33
PID 2856 wrote to memory of 2712	2856	GLIDERDEPLOY.EXE	33
PID 2856 wrote to memory of 2712	2856	GLIDERDEPLOY.EXE	33
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 2856 wrote to memory of 2688	2856	GLIDERDEPLOY.EXE	34
PID 2856 wrote to memory of 2688	2856	GLIDERDEPLOY.EXE	34
PID 2856 wrote to memory of 2688	2856	GLIDERDEPLOY.EXE	34
PID 2856 wrote to memory of 2688	2856	GLIDERDEPLOY.EXE	34
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 2712 wrote to memory of 1264	2712	GLIDERDEPLOY.EXE	81
PID 2712 wrote to memory of 1264	2712	GLIDERDEPLOY.EXE	81
PID 2712 wrote to memory of 1264	2712	GLIDERDEPLOY.EXE	81
PID 2712 wrote to memory of 1264	2712	GLIDERDEPLOY.EXE	81
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 2712 wrote to memory of 1104	2712	GLIDERDEPLOY.EXE	36
PID 2712 wrote to memory of 1104	2712	GLIDERDEPLOY.EXE	36
PID 2712 wrote to memory of 1104	2712	GLIDERDEPLOY.EXE	36
PID 2712 wrote to memory of 1104	2712	GLIDERDEPLOY.EXE	36
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 1264 wrote to memory of 1252	1264	GLIDERDEPLOY.EXE	57
PID 1264 wrote to memory of 1252	1264	GLIDERDEPLOY.EXE	57
PID 1264 wrote to memory of 1252	1264	GLIDERDEPLOY.EXE	57
PID 1264 wrote to memory of 1252	1264	GLIDERDEPLOY.EXE	57
PID 1104 wrote to memory of 1204	1104	SERVER.EXE	21
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 1104 wrote to memory of 1204	1104	SERVER.EXE	21
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 2320 wrote to memory of 1204	2320	SERVER.EXE	21
PID 1252 wrote to memory of 1800	1252	GLIDERDEPLOY.EXE	39
PID 1252 wrote to memory of 1800	1252	GLIDERDEPLOY.EXE	39
PID 1252 wrote to memory of 1800	1252	GLIDERDEPLOY.EXE	39
PID 1252 wrote to memory of 1800	1252	GLIDERDEPLOY.EXE	39
PID 1104 wrote to memory of 1204	1104	SERVER.EXE	21
PID 2688 wrote to memory of 1204	2688	SERVER.EXE	21
PID 1264 wrote to memory of 2920	1264	GLIDERDEPLOY.EXE	66
PID 1264 wrote to memory of 2920	1264	GLIDERDEPLOY.EXE	66
PID 1264 wrote to memory of 2920	1264	GLIDERDEPLOY.EXE	66
PID 1264 wrote to memory of 2920	1264	GLIDERDEPLOY.EXE	66
PID 2920 wrote to memory of 1204	2920	SERVER.EXE	21
PID 1252 wrote to memory of 2892	1252	GLIDERDEPLOY.EXE	40
PID 1252 wrote to memory of 2892	1252	GLIDERDEPLOY.EXE	40
PID 1252 wrote to memory of 2892	1252	GLIDERDEPLOY.EXE	40
PID 1252 wrote to memory of 2892	1252	GLIDERDEPLOY.EXE	40
PID 2892 wrote to memory of 1204	2892	SERVER.EXE	21
PID 1104 wrote to memory of 1204	1104	SERVER.EXE	21
PID 2920 wrote to memory of 1204	2920	SERVER.EXE	21
PID 2892 wrote to memory of 1204	2892	SERVER.EXE	21

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:1204
- C:\Users\Admin\AppData\Local\Temp\da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2684
- - C:\Users\Admin\AppData\Local\Temp\gliderdeploy.exe
    C:\Users\Admin\AppData\Local\Temp\\gliderdeploy.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:2816
  - - C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
      "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      Suspicious use of WriteProcessMemory
      PID:2856
    - - C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2712
      - C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        8⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1800
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        9⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        10⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        11⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        12⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        13⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        14⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        15⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        16⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        17⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        18⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        19⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        20⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        21⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        22⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        23⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        24⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        25⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        26⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        27⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        28⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        29⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        30⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        31⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        32⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        33⤵
        Executes dropped EXE
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        34⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        35⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        36⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        37⤵
        System Location Discovery: System Language Discovery
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        38⤵
        System Location Discovery: System Language Discovery
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        39⤵
        System Location Discovery: System Language Discovery
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        40⤵
        System Location Discovery: System Language Discovery
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        41⤵
        System Location Discovery: System Language Discovery
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        42⤵
        System Location Discovery: System Language Discovery
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        43⤵
        System Location Discovery: System Language Discovery
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        44⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        45⤵
        System Location Discovery: System Language Discovery
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        46⤵
        System Location Discovery: System Language Discovery
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        47⤵
        System Location Discovery: System Language Discovery
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        48⤵
        System Location Discovery: System Language Discovery
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        49⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        50⤵
        System Location Discovery: System Language Discovery
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        51⤵
        System Location Discovery: System Language Discovery
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        52⤵
        System Location Discovery: System Language Discovery
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        53⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        54⤵
        System Location Discovery: System Language Discovery
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        55⤵
        System Location Discovery: System Language Discovery
        
        PID:2792
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        56⤵
        System Location Discovery: System Language Discovery
        
        PID:2584
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        57⤵
        System Location Discovery: System Language Discovery
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        58⤵
        System Location Discovery: System Language Discovery
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        59⤵
        System Location Discovery: System Language Discovery
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        60⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        61⤵
        System Location Discovery: System Language Discovery
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        62⤵
        System Location Discovery: System Language Discovery
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        63⤵
        System Location Discovery: System Language Discovery
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        64⤵
        System Location Discovery: System Language Discovery
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        65⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        67⤵
        System Location Discovery: System Language Discovery
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        68⤵
        System Location Discovery: System Language Discovery
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        69⤵
        System Location Discovery: System Language Discovery
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        70⤵
        System Location Discovery: System Language Discovery
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        71⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        72⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        73⤵
        System Location Discovery: System Language Discovery
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        74⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        75⤵
        System Location Discovery: System Language Discovery
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        76⤵
        System Location Discovery: System Language Discovery
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        77⤵
        System Location Discovery: System Language Discovery
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        78⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        79⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        80⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        81⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        82⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        83⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        84⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        85⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        86⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        87⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        88⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        89⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        90⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        91⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        92⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        93⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        94⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        95⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        96⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        97⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        98⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        99⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        100⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        101⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        102⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        103⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        104⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        105⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        106⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        107⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        108⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        109⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        110⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        111⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        112⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        113⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        114⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        115⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        116⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        117⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        118⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        119⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        120⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        121⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        122⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        123⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        124⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        125⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        126⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        127⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        128⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        129⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        130⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        131⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        132⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        133⤵
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        134⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        135⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        136⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        137⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        138⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        139⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        140⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        141⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        142⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        143⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        144⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        145⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        146⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        147⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        148⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        149⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        150⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        151⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        152⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        153⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        154⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        155⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        156⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        157⤵
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        158⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        159⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        160⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        161⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        162⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        163⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        164⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        165⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        166⤵
        
        PID:2836
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        167⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        168⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        169⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        170⤵
        
        PID:524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        171⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        172⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        173⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        174⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        175⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        176⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        177⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        178⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        179⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        180⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        181⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        182⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        183⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        184⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        185⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        186⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        187⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        188⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        189⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        190⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        191⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        192⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        193⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        194⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        195⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        196⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        197⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        198⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        199⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        200⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        201⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        202⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        203⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        204⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        205⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        206⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        207⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        208⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        209⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        210⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        211⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        212⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        213⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        214⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        215⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        216⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        217⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        218⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        219⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        220⤵
        
        PID:1812
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        221⤵
        
        PID:1640
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        222⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        223⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        224⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        225⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        226⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        227⤵
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        228⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        229⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        230⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        231⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        232⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        233⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        234⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        235⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        236⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        237⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        238⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        239⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        240⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        241⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        242⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        243⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        244⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        245⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        246⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        247⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        248⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        249⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        250⤵
        
        PID:1136
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        251⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        252⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        253⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        254⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        255⤵
        
        PID:1812
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        256⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        257⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        258⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        259⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        260⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        261⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        262⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        263⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        264⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        265⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        266⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        267⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        268⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        269⤵
        
        PID:1032
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        270⤵
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        271⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        272⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        273⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        274⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        275⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        276⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        277⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        278⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        279⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        280⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        281⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        282⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        283⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        284⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        285⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        286⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        287⤵
        
        PID:564
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        288⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        289⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        290⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        291⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        292⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        293⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        294⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        295⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        296⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        297⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        298⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        299⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        300⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        301⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        302⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        303⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        304⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        305⤵
        
        PID:112
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        306⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        307⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        308⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        309⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        310⤵
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        311⤵
        
        PID:428
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        312⤵
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        313⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        314⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        315⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        316⤵
        
        PID:584
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        317⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        318⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        319⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        320⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        321⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        322⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        323⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        324⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        325⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        326⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        327⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        328⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        329⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        330⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        331⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        332⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        333⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        334⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        335⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        336⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        337⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        338⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        339⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        340⤵
        
        PID:2836
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        341⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        342⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        343⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        344⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        345⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        346⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        347⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        348⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        349⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        350⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        351⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        352⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        353⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        354⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        355⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        356⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        357⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        358⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        359⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        360⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        361⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        362⤵
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        363⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        364⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        365⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        366⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        367⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        368⤵
        
        PID:576
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        369⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        370⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        371⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        372⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        373⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        374⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        375⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        376⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        377⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        378⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        379⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        380⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        381⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        382⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        383⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        384⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        385⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        386⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        387⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        388⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        389⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        390⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        391⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        392⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        393⤵
        
        PID:780
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        394⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        395⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        396⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        397⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        398⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        399⤵
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        400⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        401⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        402⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        403⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        404⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        405⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        406⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        407⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        408⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        409⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        410⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        411⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        412⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        413⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        414⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        415⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        416⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        417⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        418⤵
        
        PID:2072
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        419⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        420⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        421⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        422⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        423⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        424⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        425⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        426⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        427⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        428⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        429⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        430⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        431⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        432⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        433⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        434⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        435⤵
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        436⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        437⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        438⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        439⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        440⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        441⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        442⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        443⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        444⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        445⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        446⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        447⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        448⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        449⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        450⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        451⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        452⤵
        
        PID:236
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        453⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        454⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        455⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        456⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        457⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        458⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        459⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        460⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        461⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        462⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        463⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        464⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        465⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        466⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        467⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        468⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        469⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        470⤵
        
        PID:524
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        471⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        472⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        473⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        474⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        475⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        476⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        477⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        478⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        479⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        480⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        481⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        482⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        483⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        484⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        485⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        486⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        487⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        488⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        489⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        490⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        491⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        492⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        493⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        494⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        495⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        496⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        497⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        498⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        499⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        500⤵
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        501⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        502⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        503⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        504⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        505⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        506⤵
        
        PID:236
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        507⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        508⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        509⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        510⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        511⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        512⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        513⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\GLIDERDEPLOY.EXE"
        514⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        513⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        512⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        511⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        510⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        509⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        508⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        507⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        506⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        505⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        504⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        503⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        502⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        501⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        500⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        499⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        498⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        497⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        496⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        495⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        494⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        493⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        492⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        491⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        490⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        489⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        488⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        487⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        486⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        485⤵
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        484⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        483⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        482⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        481⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        480⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        479⤵
        
        PID:1136
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        478⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        477⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        476⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        475⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        474⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        473⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        472⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        471⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        470⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        469⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        468⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        467⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        466⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        465⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        464⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        463⤵
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        462⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        461⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        460⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        459⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        458⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        457⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        456⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        455⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        454⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        453⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        452⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        451⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        450⤵
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        449⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        448⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        447⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        446⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        445⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        444⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        443⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        442⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        441⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        440⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        439⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        438⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        437⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        436⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        435⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        434⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        433⤵
        
        PID:468
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        432⤵
        
        PID:1056
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        431⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        430⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        429⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        428⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        427⤵
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        426⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        425⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        424⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        423⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        422⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        421⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        420⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        419⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        418⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        417⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        416⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        415⤵
        
        PID:780
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        414⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        413⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        412⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        411⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        410⤵
        
        PID:428
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        409⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        408⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        407⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        406⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        405⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        404⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        403⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        402⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        401⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        400⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        399⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        398⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        397⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        396⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        395⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        394⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        393⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        392⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        391⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        390⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        389⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        388⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        387⤵
        
        PID:1800
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        386⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        385⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        384⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        383⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        382⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        381⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        380⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        379⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        378⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        377⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        376⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        375⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        374⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        373⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        372⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        371⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        370⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        369⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        368⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        367⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        366⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        365⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        364⤵
        
        PID:564
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        363⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        362⤵
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        361⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        360⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        359⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        358⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        357⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        356⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        355⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        354⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        353⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        352⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        351⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        350⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        349⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        348⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        347⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        346⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        345⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        344⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        343⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        342⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        341⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        340⤵
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        339⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        338⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        337⤵
        
        PID:2584
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        336⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        335⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        334⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        333⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        332⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        331⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        330⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        329⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        328⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        327⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        326⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        325⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        324⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        323⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        322⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        321⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        320⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        319⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        318⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        317⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        316⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        315⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        314⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        313⤵
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        312⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        311⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        310⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        309⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        308⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        307⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        306⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        305⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        304⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        303⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        302⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        301⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        300⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        299⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        298⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        297⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        296⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        295⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        294⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        293⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        292⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        291⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        290⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        289⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        288⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        287⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        286⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        285⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        284⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        283⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        282⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        281⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        280⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        279⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        278⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        277⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        276⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        275⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        274⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        273⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        272⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        271⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        270⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        269⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        268⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        267⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        266⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        265⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        264⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        263⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        262⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        261⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        260⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        259⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        258⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        257⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        256⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        255⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        254⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        253⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        252⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        251⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        250⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        249⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        248⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        247⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        246⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        245⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        244⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        243⤵
        
        PID:428
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        242⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        241⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        240⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        239⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        238⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        237⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        236⤵
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        235⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        234⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        233⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        232⤵
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        231⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        230⤵
        
        PID:428
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        229⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        228⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        227⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        226⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        225⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        224⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        223⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        222⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        221⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        220⤵
        
        PID:1056
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        219⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        218⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        217⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        216⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        215⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        214⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        213⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        212⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        211⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        210⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        209⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        208⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        207⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        206⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        205⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        204⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        203⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        202⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        201⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        200⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        199⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        198⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        197⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        196⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        195⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        194⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        193⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        192⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        191⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        190⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        189⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        188⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        187⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        186⤵
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        185⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        184⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        183⤵
        
        PID:428
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        182⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        181⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        180⤵
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        179⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        178⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        177⤵
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        176⤵
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        175⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        174⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        173⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        172⤵
        
        PID:932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        171⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        170⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        169⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        168⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        167⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        166⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        165⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        164⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        163⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        162⤵
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        161⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        160⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        159⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        158⤵
        
        PID:2200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        157⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        156⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        155⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        154⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        153⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        152⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        151⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        150⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        149⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        148⤵
        
        PID:1160
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        147⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        146⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        145⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        144⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        143⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        142⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        141⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        140⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        139⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        138⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        137⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        136⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        135⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        134⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        133⤵
        
        PID:748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        132⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        131⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        130⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        129⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        128⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        127⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        126⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        125⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        124⤵
        
        PID:932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        123⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        122⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        121⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        120⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        119⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        118⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        117⤵
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        116⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        115⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        114⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        113⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        112⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        111⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        110⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        109⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        108⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        107⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        106⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        105⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        104⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        103⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        102⤵
        
        PID:780
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        101⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        100⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        99⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        98⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        97⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        96⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        95⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        94⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        93⤵
        
        PID:236
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        92⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        91⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        90⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        89⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        88⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        87⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        86⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        85⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        84⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        83⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        82⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        81⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        80⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        79⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        78⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        77⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        76⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        75⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        74⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        73⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        72⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        71⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        70⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        69⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        68⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        67⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        66⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        65⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        64⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        63⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        62⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        61⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        60⤵
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        59⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        58⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        57⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        56⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        55⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        54⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        53⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        52⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        51⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        50⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        49⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        48⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        47⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        46⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        45⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        44⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        43⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        42⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        41⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        40⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        39⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        38⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        37⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        36⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        35⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        34⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        33⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:932
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        32⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        31⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        30⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        29⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        28⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        27⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        26⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        25⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        24⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        23⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        22⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        21⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        20⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        19⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        18⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1324
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        17⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        16⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        15⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        14⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        13⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        12⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        11⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        10⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1304
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        9⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        8⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:2892
        
        C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        7⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:2920
      - C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        6⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:1104
    - - C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
        5⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:2688
  - - C:\Users\Admin\AppData\Local\Temp\SERVER.EXE
      "C:\Users\Admin\AppData\Local\Temp\SERVER.EXE"
      4⤵
      Executes dropped EXE
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\SERVER.EXE

Filesize
50KB

MD5
6b60479c101b2057bee082deb3ba93f3

SHA1
aa46de0703639e30d65259ac7a79b116afdc40fe

SHA256
eff34f42faee5c5e524f668e8e9a89823fd5426cc3cb73f52daf5c444e5baf37

SHA512
37ed7a0556dbcbbbf1b48a17f44711c411c841d6089e59797510a35a20fc900ebf2c7ff66c63fd3a55c26652fb35f8b35d5a213cfda596e537541231938e0273

Download Submit
C:\Users\Admin\AppData\Local\Temp\SETTINGS

Filesize
5B

MD5
6bf04f14e80003fc41d259c1bd03e020

SHA1
fc3d4642b2b914d099878501c7d6be9090944514

SHA256
4bb5730ff2b704ad75c060e9d610880d20ffd3d906039a4822ce80a4cad3c498

SHA512
ef663417e50d429c0da5f95766bfbe0d85ea526fef0af33974977909adb194ff093019c45b409f8641d53c8d4daf9ae900154d214072959ad2193bda27e33ac7

Download Submit
C:\Users\Admin\AppData\Roaming\addon.dat

Filesize
21KB

MD5
963d21dfffcd109d7b48d99abbdd5211

SHA1
08c20cd72f2cf8b45a69a3b6ebfea21a25fcfd23

SHA256
63351e12c49d59aa7a7d88698843f9575fdad830bc644a3c886a28f459cad129

SHA512
1885c186cc2a866a280f3875560c3ce98e93f6587aaec6cd527049ee0440be02e6ce9b89ce4b3728d66b7cfab6398cca72636fc68a66e2948c690f346b9403bd

Download Submit
\Users\Admin\AppData\Local\Temp\gliderdeploy.exe

Filesize
1.8MB

MD5
982c6b28f54ae21246cd475446966a6d

SHA1
46e63fad84a643faa5ab4447f4bbf6b76fedaca1

SHA256
9aa31e35ec0f1391c25e4c950b5139924add75218cc52017c32ef52eba3a8617

SHA512
ae5e71f78016e4b282a2d36aede1d9771c213dee8f0485aa259a1ac2991ffd8002512349051cee0f10ee8e74a5de2d0c9e642d0640f01b9b1b6da6689b1af905

Download Submit
memory/528-486-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/528-904-0x0000000002620000-0x0000000002629000-memory.dmp

Filesize
36KB

Download
memory/684-745-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/808-689-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/896-502-0x0000000000570000-0x0000000000579000-memory.dmp

Filesize
36KB

Download
memory/896-503-0x0000000000570000-0x0000000000579000-memory.dmp

Filesize
36KB

Download
memory/932-767-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1104-78-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1152-1208-0x0000000000530000-0x0000000000539000-memory.dmp

Filesize
36KB

Download
memory/1152-1210-0x0000000000530000-0x0000000000539000-memory.dmp

Filesize
36KB

Download
memory/1200-668-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1204-54-0x000000007EFA0000-0x000000007EFA6000-memory.dmp

Filesize
24KB

Download
memory/1204-29-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1252-132-0x0000000049240000-0x000000004940C000-memory.dmp

Filesize
1.8MB

Download
memory/1264-121-0x0000000049240000-0x000000004940C000-memory.dmp

Filesize
1.8MB

Download
memory/1264-107-0x0000000002020000-0x0000000002029000-memory.dmp

Filesize
36KB

Download
memory/1264-679-0x0000000002620000-0x0000000002629000-memory.dmp

Filesize
36KB

Download
memory/1292-1394-0x0000000000510000-0x0000000000519000-memory.dmp

Filesize
36KB

Download
memory/1292-458-0x0000000000410000-0x0000000000419000-memory.dmp

Filesize
36KB

Download
memory/1304-204-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1336-394-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1400-786-0x0000000002720000-0x0000000002729000-memory.dmp

Filesize
36KB

Download
memory/1400-788-0x0000000002720000-0x0000000002729000-memory.dmp

Filesize
36KB

Download
memory/1508-1435-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/1524-762-0x00000000005B0000-0x00000000005B9000-memory.dmp

Filesize
36KB

Download
memory/1524-757-0x00000000005B0000-0x00000000005B9000-memory.dmp

Filesize
36KB

Download
memory/1572-295-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1604-1149-0x00000000021E0000-0x00000000021E9000-memory.dmp

Filesize
36KB

Download
memory/1676-805-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/1712-1507-0x0000000002620000-0x0000000002629000-memory.dmp

Filesize
36KB

Download
memory/1720-708-0x0000000002260000-0x0000000002269000-memory.dmp

Filesize
36KB

Download
memory/1756-1322-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/1780-1285-0x0000000000520000-0x0000000000529000-memory.dmp

Filesize
36KB

Download
memory/1780-1284-0x0000000000520000-0x0000000000529000-memory.dmp

Filesize
36KB

Download
memory/1784-443-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1792-949-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/1792-954-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/1800-152-0x0000000000570000-0x0000000000579000-memory.dmp

Filesize
36KB

Download
memory/1800-154-0x0000000000570000-0x0000000000579000-memory.dmp

Filesize
36KB

Download
memory/1868-887-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/1868-879-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2020-913-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2104-1052-0x00000000020E0000-0x00000000020E9000-memory.dmp

Filesize
36KB

Download
memory/2132-858-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2156-713-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2196-1541-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2268-1496-0x0000000000490000-0x0000000000499000-memory.dmp

Filesize
36KB

Download
memory/2268-1497-0x0000000000490000-0x0000000000499000-memory.dmp

Filesize
36KB

Download
memory/2268-1178-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2280-338-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2308-1265-0x00000000020A0000-0x00000000020A9000-memory.dmp

Filesize
36KB

Download
memory/2308-1257-0x00000000020A0000-0x00000000020A9000-memory.dmp

Filesize
36KB

Download
memory/2316-979-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2320-102-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download
memory/2320-32-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2340-1019-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2340-1411-0x00000000021A0000-0x00000000021A9000-memory.dmp

Filesize
36KB

Download
memory/2340-1410-0x0000000002160000-0x0000000002169000-memory.dmp

Filesize
36KB

Download
memory/2412-703-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2412-260-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2432-1228-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2436-1123-0x0000000001F40000-0x0000000001F49000-memory.dmp

Filesize
36KB

Download
memory/2436-1124-0x0000000001F40000-0x0000000001F49000-memory.dmp

Filesize
36KB

Download
memory/2492-580-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2532-1256-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2548-628-0x0000000000440000-0x0000000000449000-memory.dmp

Filesize
36KB

Download
memory/2584-1367-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2608-380-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2612-959-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2628-931-0x0000000000740000-0x0000000000749000-memory.dmp

Filesize
36KB

Download
memory/2628-929-0x0000000000740000-0x0000000000749000-memory.dmp

Filesize
36KB

Download
memory/2660-1466-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2660-1053-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2684-328-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2684-333-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2688-134-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2712-66-0x0000000049240000-0x000000004940C000-memory.dmp

Filesize
1.8MB

Download
memory/2732-1085-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2756-736-0x0000000002160000-0x0000000002169000-memory.dmp

Filesize
36KB

Download
memory/2784-1440-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2792-1348-0x00000000023E0000-0x00000000023E9000-memory.dmp

Filesize
36KB

Download
memory/2808-428-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2812-657-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2812-655-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2816-24-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2816-18-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2816-34-0x0000000049240000-0x000000004940C000-memory.dmp

Filesize
1.8MB

Download
memory/2840-389-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2840-387-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2856-41-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2856-53-0x0000000049240000-0x000000004940C000-memory.dmp

Filesize
1.8MB

Download
memory/2856-40-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2860-304-0x0000000002620000-0x0000000002629000-memory.dmp

Filesize
36KB

Download
memory/2880-423-0x00000000023E0000-0x00000000023E9000-memory.dmp

Filesize
36KB

Download
memory/2888-1183-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2892-131-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2920-464-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2920-115-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2968-558-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2968-560-0x00000000024E0000-0x00000000024E9000-memory.dmp

Filesize
36KB

Download
memory/2976-1102-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/2976-1104-0x00000000023A0000-0x00000000023A9000-memory.dmp

Filesize
36KB

Download
memory/3064-598-0x00000000005A0000-0x00000000005A9000-memory.dmp

Filesize
36KB

Download
memory/3064-610-0x00000000005A0000-0x00000000005A9000-memory.dmp

Filesize
36KB

Download