cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59c

General

Target

cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll
Size

166KB
MD5

17e49cec0ce20d60fadf757e7c2a3640
SHA1

ba3ec549114a45f85fafe3c444ab4086613ea903
SHA256

cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59c
SHA512

25b8eb4260a17ae9a98c9470edd9430cb54e2b27353fe6f8d25efe9bfd9f8016ad88a8d5211efb0b313b886efddcfdaf90cd3df05a7d6441571c75fde034b999
SSDEEP

3072:/mu50sK9wH9ze5n5E8cj3WVvbHN3FBbALmp8utTBflJwxpnwlfr:/mu50s4wH9y5n5EFWVvbN3FBMrutTBvV

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

rundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

rundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exerundll32.exe

description	pid	process	target process
PID 872 wrote to memory of 4988	872	rundll32.exe	rundll32.exe
PID 872 wrote to memory of 4988	872	rundll32.exe	rundll32.exe
PID 872 wrote to memory of 4988	872	rundll32.exe	rundll32.exe
PID 4988 wrote to memory of 3936	4988	rundll32.exe	rundll32.exe
PID 4988 wrote to memory of 3936	4988	rundll32.exe	rundll32.exe
PID 4988 wrote to memory of 3936	4988	rundll32.exe	rundll32.exe
PID 3936 wrote to memory of 4248	3936	rundll32.exe	rundll32.exe
PID 3936 wrote to memory of 4248	3936	rundll32.exe	rundll32.exe
PID 3936 wrote to memory of 4248	3936	rundll32.exe	rundll32.exe
PID 4248 wrote to memory of 2720	4248	rundll32.exe	rundll32.exe
PID 4248 wrote to memory of 2720	4248	rundll32.exe	rundll32.exe
PID 4248 wrote to memory of 2720	4248	rundll32.exe	rundll32.exe
PID 2720 wrote to memory of 4992	2720	rundll32.exe	rundll32.exe
PID 2720 wrote to memory of 4992	2720	rundll32.exe	rundll32.exe
PID 2720 wrote to memory of 4992	2720	rundll32.exe	rundll32.exe
PID 4992 wrote to memory of 3180	4992	rundll32.exe	rundll32.exe
PID 4992 wrote to memory of 3180	4992	rundll32.exe	rundll32.exe
PID 4992 wrote to memory of 3180	4992	rundll32.exe	rundll32.exe
PID 3180 wrote to memory of 708	3180	rundll32.exe	rundll32.exe
PID 3180 wrote to memory of 708	3180	rundll32.exe	rundll32.exe
PID 3180 wrote to memory of 708	3180	rundll32.exe	rundll32.exe
PID 708 wrote to memory of 1040	708	rundll32.exe	rundll32.exe
PID 708 wrote to memory of 1040	708	rundll32.exe	rundll32.exe
PID 708 wrote to memory of 1040	708	rundll32.exe	rundll32.exe
PID 1040 wrote to memory of 464	1040	rundll32.exe	rundll32.exe
PID 1040 wrote to memory of 464	1040	rundll32.exe	rundll32.exe
PID 1040 wrote to memory of 464	1040	rundll32.exe	rundll32.exe
PID 464 wrote to memory of 4760	464	rundll32.exe	rundll32.exe
PID 464 wrote to memory of 4760	464	rundll32.exe	rundll32.exe
PID 464 wrote to memory of 4760	464	rundll32.exe	rundll32.exe
PID 4760 wrote to memory of 3396	4760	rundll32.exe	rundll32.exe
PID 4760 wrote to memory of 3396	4760	rundll32.exe	rundll32.exe
PID 4760 wrote to memory of 3396	4760	rundll32.exe	rundll32.exe
PID 3396 wrote to memory of 4296	3396	rundll32.exe	rundll32.exe
PID 3396 wrote to memory of 4296	3396	rundll32.exe	rundll32.exe
PID 3396 wrote to memory of 4296	3396	rundll32.exe	rundll32.exe
PID 4296 wrote to memory of 908	4296	rundll32.exe	rundll32.exe
PID 4296 wrote to memory of 908	4296	rundll32.exe	rundll32.exe
PID 4296 wrote to memory of 908	4296	rundll32.exe	rundll32.exe
PID 908 wrote to memory of 2524	908	rundll32.exe	rundll32.exe
PID 908 wrote to memory of 2524	908	rundll32.exe	rundll32.exe
PID 908 wrote to memory of 2524	908	rundll32.exe	rundll32.exe
PID 2524 wrote to memory of 5016	2524	rundll32.exe	rundll32.exe
PID 2524 wrote to memory of 5016	2524	rundll32.exe	rundll32.exe
PID 2524 wrote to memory of 5016	2524	rundll32.exe	rundll32.exe
PID 5016 wrote to memory of 668	5016	rundll32.exe	rundll32.exe
PID 5016 wrote to memory of 668	5016	rundll32.exe	rundll32.exe
PID 5016 wrote to memory of 668	5016	rundll32.exe	rundll32.exe
PID 668 wrote to memory of 4636	668	rundll32.exe	rundll32.exe
PID 668 wrote to memory of 4636	668	rundll32.exe	rundll32.exe
PID 668 wrote to memory of 4636	668	rundll32.exe	rundll32.exe
PID 4636 wrote to memory of 3292	4636	rundll32.exe	rundll32.exe
PID 4636 wrote to memory of 3292	4636	rundll32.exe	rundll32.exe
PID 4636 wrote to memory of 3292	4636	rundll32.exe	rundll32.exe
PID 3292 wrote to memory of 2972	3292	rundll32.exe	rundll32.exe
PID 3292 wrote to memory of 2972	3292	rundll32.exe	rundll32.exe
PID 3292 wrote to memory of 2972	3292	rundll32.exe	rundll32.exe
PID 2972 wrote to memory of 5096	2972	rundll32.exe	rundll32.exe
PID 2972 wrote to memory of 5096	2972	rundll32.exe	rundll32.exe
PID 2972 wrote to memory of 5096	2972	rundll32.exe	rundll32.exe
PID 5096 wrote to memory of 2432	5096	rundll32.exe	rundll32.exe
PID 5096 wrote to memory of 2432	5096	rundll32.exe	rundll32.exe
PID 5096 wrote to memory of 2432	5096	rundll32.exe	rundll32.exe
PID 2432 wrote to memory of 4940	2432	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:872
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4988
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:3936
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:4248
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:2720
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:4992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:1040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:4760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:2524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:5016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:4636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:2972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:5096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:2432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        23⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        24⤵
        
        PID:3660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        25⤵
        
        PID:4428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        26⤵
        
        PID:1200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        27⤵
        
        PID:3808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        28⤵
        
        PID:3580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        29⤵
        
        PID:2456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        30⤵
        
        PID:4384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        31⤵
        
        PID:2496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        32⤵
        
        PID:5080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        33⤵
        
        PID:1524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        34⤵
        
        PID:756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        35⤵
        
        PID:1800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        36⤵
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        37⤵
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        38⤵
        
        PID:1192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        39⤵
        
        PID:2144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        40⤵
        System Location Discovery: System Language Discovery
        
        PID:1916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        41⤵
        
        PID:1872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        42⤵
        
        PID:4720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        43⤵
        
        PID:2208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        44⤵
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        45⤵
        
        PID:4836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        46⤵
        
        PID:2584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        47⤵
        
        PID:3080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        48⤵
        
        PID:1196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        49⤵
        
        PID:644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        50⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        51⤵
        
        PID:404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        52⤵
        System Location Discovery: System Language Discovery
        
        PID:4408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        53⤵
        
        PID:2068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        54⤵
        
        PID:2508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        55⤵
        
        PID:2448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        56⤵
        
        PID:3868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        57⤵
        System Location Discovery: System Language Discovery
        
        PID:3604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        58⤵
        System Location Discovery: System Language Discovery
        
        PID:3516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        59⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        60⤵
        
        PID:1128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        61⤵
        
        PID:1736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        62⤵
        
        PID:4000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        63⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        64⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        65⤵
        
        PID:4688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        66⤵
        
        PID:1036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        67⤵
        
        PID:3428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        68⤵
        
        PID:3924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        69⤵
        
        PID:1336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        70⤵
        
        PID:3840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        71⤵
        
        PID:5052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        72⤵
        
        PID:4764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        73⤵
        
        PID:2192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        74⤵
        
        PID:4852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        75⤵
        
        PID:3684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        76⤵
        
        PID:3152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        77⤵
        
        PID:4684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        78⤵
        
        PID:1700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        79⤵
        
        PID:5072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        80⤵
        
        PID:3348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        81⤵
        
        PID:4444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        82⤵
        System Location Discovery: System Language Discovery
        
        PID:4332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        83⤵
        
        PID:3036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        84⤵
        
        PID:4952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        85⤵
        
        PID:448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        86⤵
        
        PID:796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        87⤵
        
        PID:1396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        88⤵
        
        PID:4088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        89⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        90⤵
        
        PID:4632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        91⤵
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        92⤵
        
        PID:1516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        93⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        94⤵
        
        PID:1468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        95⤵
        
        PID:2020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        96⤵
        
        PID:3228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        97⤵
        
        PID:4616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        98⤵
        
        PID:4368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        99⤵
        
        PID:2788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        100⤵
        
        PID:2752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        101⤵
        
        PID:4220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        102⤵
        System Location Discovery: System Language Discovery
        
        PID:4680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        103⤵
        
        PID:1744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        104⤵
        
        PID:4276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        105⤵
        
        PID:4284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        106⤵
        
        PID:2452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        107⤵
        
        PID:5100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        108⤵
        
        PID:1312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        109⤵
        
        PID:4812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        110⤵
        
        PID:1920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        111⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        112⤵
        
        PID:5148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        113⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        114⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        115⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        116⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        117⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        118⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        119⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        120⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        121⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        122⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        123⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        124⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        125⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        126⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        127⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        128⤵
        
        PID:5396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        129⤵
        
        PID:5416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        130⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        131⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        132⤵
        System Location Discovery: System Language Discovery
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        133⤵
        
        PID:5472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        134⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        135⤵
        
        PID:5504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        136⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        137⤵
        
        PID:5532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        138⤵
        
        PID:5548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        139⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        140⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        141⤵
        
        PID:5592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        142⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        143⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        144⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        145⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        146⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        147⤵
        
        PID:5684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        148⤵
        
        PID:5700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        149⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        150⤵
        
        PID:5732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        151⤵
        
        PID:5748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        152⤵
        
        PID:5760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        153⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        154⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        155⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        156⤵
        
        PID:5820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        157⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        158⤵
        
        PID:5852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        159⤵
        
        PID:5868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        160⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        161⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        162⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        163⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        164⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        165⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        166⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        167⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        168⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        169⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        170⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        171⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        172⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        173⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        174⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        175⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        176⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        177⤵
        
        PID:3028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        178⤵
        
        PID:3148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        179⤵
        
        PID:1088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        180⤵
        
        PID:1020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        181⤵
        
        PID:3860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        182⤵
        
        PID:2564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        183⤵
        System Location Discovery: System Language Discovery
        
        PID:3092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        184⤵
        
        PID:2616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        185⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        186⤵
        
        PID:2336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        187⤵
        
        PID:652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        188⤵
        
        PID:1672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        189⤵
        
        PID:612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        190⤵
        
        PID:1856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        191⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        192⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        193⤵
        
        PID:6192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        194⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        195⤵
        
        PID:6224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        196⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        197⤵
        System Location Discovery: System Language Discovery
        
        PID:6256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        198⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        199⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        200⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        201⤵
        
        PID:6312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        202⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        203⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        204⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        205⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        206⤵
        
        PID:6396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        207⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        208⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        209⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        210⤵
        
        PID:6460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        211⤵
        
        PID:6476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        212⤵
        
        PID:6492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        213⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        214⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        215⤵
        
        PID:6532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        216⤵
        System Location Discovery: System Language Discovery
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        217⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        218⤵
        
        PID:6576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        219⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        220⤵
        
        PID:6600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        221⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        222⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        223⤵
        
        PID:6648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        224⤵
        
        PID:6664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        225⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        226⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        227⤵
        
        PID:6708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        228⤵
        
        PID:6724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        229⤵
        
        PID:6740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        230⤵
        
        PID:6756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        231⤵
        
        PID:6772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        232⤵
        
        PID:6784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        233⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        234⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        235⤵
        
        PID:6832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        236⤵
        
        PID:6848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        237⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        238⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        239⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        240⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        241⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        242⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        243⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        244⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        245⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        246⤵
        
        PID:7008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        247⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        248⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        249⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        250⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        251⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        252⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        253⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        254⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        255⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        256⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        257⤵
        
        PID:372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        258⤵
        
        PID:5048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        259⤵
        
        PID:7184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        260⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        261⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        262⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        263⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        264⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        265⤵
        
        PID:7268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        266⤵
        
        PID:7284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        267⤵
        
        PID:7296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        268⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        269⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        270⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        271⤵
        
        PID:7364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        272⤵
        System Location Discovery: System Language Discovery
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        273⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        274⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        275⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        276⤵
        
        PID:7432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        277⤵
        
        PID:7448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        278⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        279⤵
        System Location Discovery: System Language Discovery
        
        PID:7480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        280⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        281⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        282⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        283⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        284⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        285⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        286⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        287⤵
        
        PID:7608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        288⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        289⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        290⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        291⤵
        System Location Discovery: System Language Discovery
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        292⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        293⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        294⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        295⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        296⤵
        
        PID:7764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        297⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        298⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        299⤵
        
        PID:7816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        300⤵
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        301⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        302⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        303⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        304⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        305⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        306⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        307⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        308⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        309⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        310⤵
        System Location Discovery: System Language Discovery
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        311⤵
        System Location Discovery: System Language Discovery
        
        PID:7996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        312⤵
        
        PID:8012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        313⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        314⤵
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        315⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        316⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        317⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        318⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        319⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        320⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        321⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        322⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        323⤵
        System Location Discovery: System Language Discovery
        
        PID:8172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        324⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        325⤵
        
        PID:7692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        326⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        327⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        328⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        329⤵
        
        PID:8240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        330⤵
        
        PID:8252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        331⤵
        
        PID:8272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        332⤵
        
        PID:8284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        333⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        334⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        335⤵
        
        PID:8332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        336⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        337⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        338⤵
        
        PID:8384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        339⤵
        
        PID:8404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        340⤵
        System Location Discovery: System Language Discovery
        
        PID:8416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        341⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        342⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        343⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        344⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        345⤵
        
        PID:8488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        346⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        347⤵
        System Location Discovery: System Language Discovery
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        348⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        349⤵
        
        PID:8552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        350⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        351⤵
        
        PID:8580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        352⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        353⤵
        System Location Discovery: System Language Discovery
        
        PID:8604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        354⤵
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        355⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        356⤵
        
        PID:8652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        357⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        358⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        359⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        360⤵
        
        PID:8716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        361⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        362⤵
        
        PID:8748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        363⤵
        
        PID:8760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        364⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        365⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        366⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        367⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        368⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        369⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        370⤵
        
        PID:8912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        371⤵
        
        PID:8932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        372⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        373⤵
        
        PID:8968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        374⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        375⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        376⤵
        
        PID:9012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        377⤵
        
        PID:9028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        378⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        379⤵
        
        PID:9060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        380⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        381⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        382⤵
        System Location Discovery: System Language Discovery
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        383⤵
        
        PID:9116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        384⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        385⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        386⤵
        
        PID:9164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        387⤵
        System Location Discovery: System Language Discovery
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        388⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        389⤵
        
        PID:9204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        390⤵
        
        PID:8816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        391⤵
        
        PID:9228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        392⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        393⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        394⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        395⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        396⤵
        
        PID:9304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        397⤵
        
        PID:9316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        398⤵
        System Location Discovery: System Language Discovery
        
        PID:9328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        399⤵
        
        PID:9360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        400⤵
        
        PID:9372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        401⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        402⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        403⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        404⤵
        
        PID:9492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        405⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        406⤵
        
        PID:9528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        407⤵
        
        PID:9544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        408⤵
        
        PID:9580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        409⤵
        System Location Discovery: System Language Discovery
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        410⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        411⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        412⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        413⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        414⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        415⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        416⤵
        
        PID:9772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        417⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        418⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        419⤵
        
        PID:9828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        420⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        421⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        422⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        423⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        424⤵
        
        PID:9920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        425⤵
        
        PID:9936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        426⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        427⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        428⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        429⤵
        
        PID:9996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        430⤵
        System Location Discovery: System Language Discovery
        
        PID:10008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        431⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        432⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        433⤵
        
        PID:10048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        434⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        435⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        436⤵
        
        PID:10092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        437⤵
        
        PID:10104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        438⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        439⤵
        
        PID:10140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        440⤵
        
        PID:10156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        441⤵
        System Location Discovery: System Language Discovery
        
        PID:10168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        442⤵
        
        PID:10188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        443⤵
        System Location Discovery: System Language Discovery
        
        PID:10204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        444⤵
        
        PID:10220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        445⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        446⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        447⤵
        
        PID:10264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        448⤵
        System Location Discovery: System Language Discovery
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        449⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        450⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        451⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        452⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        453⤵
        
        PID:10356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        454⤵
        
        PID:10372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        455⤵
        System Location Discovery: System Language Discovery
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        456⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        457⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        458⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        459⤵
        
        PID:10452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        460⤵
        
        PID:10468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        461⤵
        
        PID:10484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        462⤵
        
        PID:10500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        463⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        464⤵
        
        PID:10528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        465⤵
        
        PID:10540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        466⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        467⤵
        
        PID:10568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        468⤵
        
        PID:10580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        469⤵
        
        PID:10596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        470⤵
        
        PID:10612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        471⤵
        
        PID:10628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        472⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        473⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        474⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        475⤵
        
        PID:10684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        476⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        477⤵
        System Location Discovery: System Language Discovery
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        478⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        479⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        480⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        481⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        482⤵
        
        PID:10792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        483⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        484⤵
        
        PID:10820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        485⤵
        
        PID:10836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        486⤵
        
        PID:10852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        487⤵
        
        PID:10868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        488⤵
        
        PID:10880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        489⤵
        
        PID:10896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        490⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        491⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        492⤵
        System Location Discovery: System Language Discovery
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        493⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        494⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        495⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        496⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        497⤵
        
        PID:11012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        498⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        499⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        500⤵
        
        PID:11052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        501⤵
        
        PID:11068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        502⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        503⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        504⤵
        
        PID:11160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        505⤵
        System Location Discovery: System Language Discovery
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        506⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        507⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        508⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        509⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        510⤵
        System Location Discovery: System Language Discovery
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        511⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        512⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        513⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        514⤵
        
        PID:11296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        515⤵
        
        PID:11312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        516⤵
        
        PID:11328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        517⤵
        
        PID:11344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        518⤵
        
        PID:11356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        519⤵
        
        PID:11372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        520⤵
        
        PID:11388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        521⤵
        
        PID:11404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        522⤵
        
        PID:11420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        523⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        524⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        525⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        526⤵
        
        PID:11480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        527⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        528⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        529⤵
        
        PID:11524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        530⤵
        
        PID:11540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        531⤵
        
        PID:11556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        532⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        533⤵
        System Location Discovery: System Language Discovery
        
        PID:11588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        534⤵
        
        PID:11604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        535⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        536⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        537⤵
        System Location Discovery: System Language Discovery
        
        PID:11652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        538⤵
        System Location Discovery: System Language Discovery
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        539⤵
        System Location Discovery: System Language Discovery
        
        PID:11684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        540⤵
        System Location Discovery: System Language Discovery
        
        PID:11700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        541⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        542⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        543⤵
        
        PID:11740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        544⤵
        
        PID:11752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        545⤵
        
        PID:11768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        546⤵
        
        PID:11784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        547⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        548⤵
        
        PID:11812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        549⤵
        
        PID:11828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        550⤵
        
        PID:11848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        551⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        552⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        553⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        554⤵
        System Location Discovery: System Language Discovery
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        555⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        556⤵
        
        PID:11936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        557⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        558⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        559⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        560⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        561⤵
        System Location Discovery: System Language Discovery
        
        PID:12012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        562⤵
        
        PID:12024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        563⤵
        
        PID:12036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        564⤵
        
        PID:12052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        565⤵
        
        PID:12068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        566⤵
        
        PID:12084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        567⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        568⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        569⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        570⤵
        
        PID:12144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        571⤵
        
        PID:12156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        572⤵
        
        PID:12172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        573⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        574⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        575⤵
        
        PID:12220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        576⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        577⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        578⤵
        
        PID:12264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        579⤵
        
        PID:12276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        580⤵
        System Location Discovery: System Language Discovery
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        581⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        582⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        583⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        584⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        585⤵
        
        PID:12360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        586⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        587⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        588⤵
        
        PID:12404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        589⤵
        
        PID:12416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        590⤵
        
        PID:12432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        591⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        592⤵
        System Location Discovery: System Language Discovery
        
        PID:12460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        593⤵
        
        PID:12484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        594⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        595⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        596⤵
        System Location Discovery: System Language Discovery
        
        PID:12524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        597⤵
        
        PID:12540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        598⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        599⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        600⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        601⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        602⤵
        System Location Discovery: System Language Discovery
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        603⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        604⤵
        System Location Discovery: System Language Discovery
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        605⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        606⤵
        
        PID:12688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        607⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        608⤵
        
        PID:12768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        609⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        610⤵
        
        PID:12808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        611⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        612⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        613⤵
        System Location Discovery: System Language Discovery
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        614⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        615⤵
        
        PID:12944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        616⤵
        
        PID:12964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        617⤵
        
        PID:12980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        618⤵
        
        PID:12996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        619⤵
        
        PID:13008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        620⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        621⤵
        
        PID:13040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        622⤵
        
        PID:13056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        623⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        624⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        625⤵
        
        PID:13100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        626⤵
        
        PID:13116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        627⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        628⤵
        System Location Discovery: System Language Discovery
        
        PID:13148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        629⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        630⤵
        System Location Discovery: System Language Discovery
        
        PID:13180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        631⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        632⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        633⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        634⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        635⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        636⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        637⤵
        
        PID:13288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        638⤵
        
        PID:13304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        639⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        640⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        641⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        642⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        643⤵
        
        PID:13376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        644⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        645⤵
        
        PID:13404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        646⤵
        System Location Discovery: System Language Discovery
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        647⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        648⤵
        
        PID:13452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        649⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        650⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        651⤵
        
        PID:13504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        652⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        653⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        654⤵
        
        PID:13552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        655⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        656⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        657⤵
        
        PID:13596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        658⤵
        
        PID:13612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        659⤵
        
        PID:13628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        660⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        661⤵
        
        PID:13660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        662⤵
        
        PID:13676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        663⤵
        
        PID:13692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        664⤵
        
        PID:13708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        665⤵
        
        PID:13724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        666⤵
        
        PID:13740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        667⤵
        
        PID:13756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        668⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        669⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        670⤵
        
        PID:13804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        671⤵
        
        PID:13820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        672⤵
        
        PID:13836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        673⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        674⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        675⤵
        
        PID:13880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        676⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        677⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        678⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        679⤵
        
        PID:13944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        680⤵
        
        PID:13960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        681⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        682⤵
        System Location Discovery: System Language Discovery
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        683⤵
        
        PID:14012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        684⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        685⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        686⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        687⤵
        System Location Discovery: System Language Discovery
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        688⤵
        
        PID:14084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        689⤵
        
        PID:14100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        690⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        691⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        692⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        693⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        694⤵
        
        PID:14188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        695⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        696⤵
        
        PID:14220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        697⤵
        
        PID:14236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        698⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        699⤵
        
        PID:14264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        700⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        701⤵
        System Location Discovery: System Language Discovery
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        702⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        703⤵
        
        PID:14332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        704⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        705⤵
        
        PID:14364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        706⤵
        
        PID:14376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        707⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        708⤵
        
        PID:14412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        709⤵
        
        PID:14444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        710⤵
        
        PID:14460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        711⤵
        
        PID:14476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        712⤵
        
        PID:14488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        713⤵
        
        PID:14504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        714⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        715⤵
        
        PID:14536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        716⤵
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        717⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        718⤵
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        719⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        720⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        721⤵
        
        PID:14644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        722⤵
        
        PID:14664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        723⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        724⤵
        
        PID:14692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        725⤵
        System Location Discovery: System Language Discovery
        
        PID:14708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        726⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        727⤵
        
        PID:14744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        728⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        729⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        730⤵
        
        PID:14792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        731⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        732⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        733⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        734⤵
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        735⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        736⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        737⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        738⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        739⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        740⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        741⤵
        
        PID:14968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        742⤵
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        743⤵
        
        PID:14996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        744⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        745⤵
        
        PID:15032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        746⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        747⤵
        
        PID:15060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        748⤵
        
        PID:15072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        749⤵
        
        PID:15088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        750⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        751⤵
        
        PID:15112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        752⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        753⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        754⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        755⤵
        System Location Discovery: System Language Discovery
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        756⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        757⤵
        
        PID:15204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        758⤵
        
        PID:15220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        759⤵
        
        PID:15236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        760⤵
        System Location Discovery: System Language Discovery
        
        PID:15252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        761⤵
        
        PID:15268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        762⤵
        
        PID:15284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        763⤵
        
        PID:15300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        764⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        765⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        766⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        767⤵
        
        PID:14560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        768⤵
        
        PID:8860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        769⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        770⤵
        
        PID:9356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        771⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        772⤵
        
        PID:2704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        773⤵
        
        PID:14756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        774⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        775⤵
        
        PID:15384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        776⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        777⤵
        
        PID:15416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        778⤵
        System Location Discovery: System Language Discovery
        
        PID:15432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        779⤵
        System Location Discovery: System Language Discovery
        
        PID:15448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        780⤵
        
        PID:15464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        781⤵
        
        PID:15480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        782⤵
        
        PID:15496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        783⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        784⤵
        
        PID:15520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        785⤵
        
        PID:15536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        786⤵
        
        PID:15552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        787⤵
        
        PID:15568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        788⤵
        
        PID:15584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        789⤵
        
        PID:15600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        790⤵
        
        PID:15616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        791⤵
        System Location Discovery: System Language Discovery
        
        PID:15628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        792⤵
        
        PID:15640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        793⤵
        System Location Discovery: System Language Discovery
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        794⤵
        System Location Discovery: System Language Discovery
        
        PID:15672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        795⤵
        
        PID:15688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        796⤵
        
        PID:15704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        797⤵
        
        PID:15720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        798⤵
        
        PID:15736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        799⤵
        
        PID:15752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        800⤵
        System Location Discovery: System Language Discovery
        
        PID:15768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        801⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        802⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        803⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        804⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        805⤵
        
        PID:15844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        806⤵
        
        PID:15860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        807⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        808⤵
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        809⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        810⤵
        
        PID:15924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        811⤵
        
        PID:15944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        812⤵
        System Location Discovery: System Language Discovery
        
        PID:15960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        813⤵
        
        PID:15976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        814⤵
        
        PID:15988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        815⤵
        
        PID:16000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        816⤵
        
        PID:16016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        817⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        818⤵
        
        PID:16040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        819⤵
        
        PID:16056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        820⤵
        
        PID:16072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        821⤵
        System Location Discovery: System Language Discovery
        
        PID:16088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        822⤵
        
        PID:16100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        823⤵
        System Location Discovery: System Language Discovery
        
        PID:16116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        824⤵
        
        PID:16132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        825⤵
        
        PID:16148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        826⤵
        
        PID:16160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        827⤵
        
        PID:16172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        828⤵
        
        PID:16188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        829⤵
        
        PID:16200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        830⤵
        
        PID:16216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        831⤵
        
        PID:16228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        832⤵
        
        PID:16244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        833⤵
        
        PID:16260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        834⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        835⤵
        
        PID:16288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        836⤵
        
        PID:16300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        837⤵
        
        PID:16316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        838⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        839⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        840⤵
        
        PID:16364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        841⤵
        System Location Discovery: System Language Discovery
        
        PID:16380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        842⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        843⤵
        
        PID:16392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        844⤵
        
        PID:16408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        845⤵
        
        PID:16424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        846⤵
        
        PID:16436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        847⤵
        
        PID:16452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        848⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        849⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        850⤵
        
        PID:16492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        851⤵
        
        PID:16508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        852⤵
        
        PID:16524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        853⤵
        
        PID:16540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        854⤵
        
        PID:16556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        855⤵
        
        PID:16572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        856⤵
        
        PID:16588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        857⤵
        
        PID:16604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        858⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        859⤵
        
        PID:16640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        860⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        861⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        862⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        863⤵
        
        PID:16704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        864⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        865⤵
        
        PID:16736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        866⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        867⤵
        
        PID:16768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        868⤵
        
        PID:16784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        869⤵
        
        PID:16800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        870⤵
        
        PID:16816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        871⤵
        
        PID:16832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        872⤵
        
        PID:16848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        873⤵
        
        PID:16864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        874⤵
        
        PID:16880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        875⤵
        
        PID:16896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        876⤵
        
        PID:16912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        877⤵
        
        PID:16928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        878⤵
        
        PID:16944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        879⤵
        
        PID:16960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        880⤵
        
        PID:16976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        881⤵
        
        PID:16992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        882⤵
        
        PID:17004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        883⤵
        
        PID:17020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        884⤵
        
        PID:17036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        885⤵
        
        PID:17048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        886⤵
        
        PID:17064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2322bdc140d688eca1f5329277ce993f212c508f580a2f216b1acc37ef59cN.dll,#1
        887⤵
        
        PID:17080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/17004-4-0x0000000075380000-0x0000000075604000-memory.dmp

Filesize
2.5MB

Download
memory/17020-3-0x0000000075380000-0x0000000075604000-memory.dmp

Filesize
2.5MB

Download
memory/17036-2-0x0000000075380000-0x0000000075604000-memory.dmp

Filesize
2.5MB

Download
memory/17048-1-0x0000000075380000-0x0000000075604000-memory.dmp

Filesize
2.5MB

Download
memory/17064-0-0x0000000075380000-0x0000000075604000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing