c1f5502dbd1e8ee53ca0a1fbca6ae106d0ec74c8b5e250294ae3d53e0ea00e7e

Analysis

max time kernel
93s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-11-2024 12:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll
Size

2.0MB
MD5

e8255dcdc60f0fc347e5776cbd0b4c18
SHA1

7bb5fa6ad85aa40d703cbed991560d07f07e69d1
SHA256

c1f5502dbd1e8ee53ca0a1fbca6ae106d0ec74c8b5e250294ae3d53e0ea00e7e
SHA512

105df69eda478c0e06dc5a2dc615262d743cb5cfed86382346b7f22bc37ece243e0a8e4485781a7f5d94859d7399a067ed947eef3bfd25e0765065ee8b477bbb
SSDEEP

49152:OWPKYJVH/aMXKRDD9HkzTnPxQ6kcpTA/+U4qfn8+nFFQCxEsJwKQ+:OGKYJVH/aMXKRDD9HkzTPxQ6pU4qf8+W

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3092 wrote to memory of 2056	3092	rundll32.exe	85
PID 3092 wrote to memory of 2056	3092	rundll32.exe	85
PID 3092 wrote to memory of 2056	3092	rundll32.exe	85
PID 2056 wrote to memory of 1060	2056	rundll32.exe	86
PID 2056 wrote to memory of 1060	2056	rundll32.exe	86
PID 2056 wrote to memory of 1060	2056	rundll32.exe	86
PID 1060 wrote to memory of 3348	1060	rundll32.exe	87
PID 1060 wrote to memory of 3348	1060	rundll32.exe	87
PID 1060 wrote to memory of 3348	1060	rundll32.exe	87
PID 3348 wrote to memory of 1012	3348	rundll32.exe	88
PID 3348 wrote to memory of 1012	3348	rundll32.exe	88
PID 3348 wrote to memory of 1012	3348	rundll32.exe	88
PID 1012 wrote to memory of 4244	1012	rundll32.exe	89
PID 1012 wrote to memory of 4244	1012	rundll32.exe	89
PID 1012 wrote to memory of 4244	1012	rundll32.exe	89
PID 4244 wrote to memory of 3416	4244	rundll32.exe	90
PID 4244 wrote to memory of 3416	4244	rundll32.exe	90
PID 4244 wrote to memory of 3416	4244	rundll32.exe	90
PID 3416 wrote to memory of 5084	3416	rundll32.exe	91
PID 3416 wrote to memory of 5084	3416	rundll32.exe	91
PID 3416 wrote to memory of 5084	3416	rundll32.exe	91
PID 5084 wrote to memory of 3040	5084	rundll32.exe	92
PID 5084 wrote to memory of 3040	5084	rundll32.exe	92
PID 5084 wrote to memory of 3040	5084	rundll32.exe	92
PID 3040 wrote to memory of 2144	3040	rundll32.exe	94
PID 3040 wrote to memory of 2144	3040	rundll32.exe	94
PID 3040 wrote to memory of 2144	3040	rundll32.exe	94
PID 2144 wrote to memory of 2944	2144	rundll32.exe	95
PID 2144 wrote to memory of 2944	2144	rundll32.exe	95
PID 2144 wrote to memory of 2944	2144	rundll32.exe	95
PID 2944 wrote to memory of 1812	2944	rundll32.exe	96
PID 2944 wrote to memory of 1812	2944	rundll32.exe	96
PID 2944 wrote to memory of 1812	2944	rundll32.exe	96
PID 1812 wrote to memory of 2316	1812	rundll32.exe	97
PID 1812 wrote to memory of 2316	1812	rundll32.exe	97
PID 1812 wrote to memory of 2316	1812	rundll32.exe	97
PID 2316 wrote to memory of 1232	2316	rundll32.exe	98
PID 2316 wrote to memory of 1232	2316	rundll32.exe	98
PID 2316 wrote to memory of 1232	2316	rundll32.exe	98
PID 1232 wrote to memory of 4032	1232	rundll32.exe	99
PID 1232 wrote to memory of 4032	1232	rundll32.exe	99
PID 1232 wrote to memory of 4032	1232	rundll32.exe	99
PID 4032 wrote to memory of 1456	4032	rundll32.exe	100
PID 4032 wrote to memory of 1456	4032	rundll32.exe	100
PID 4032 wrote to memory of 1456	4032	rundll32.exe	100
PID 1456 wrote to memory of 452	1456	rundll32.exe	101
PID 1456 wrote to memory of 452	1456	rundll32.exe	101
PID 1456 wrote to memory of 452	1456	rundll32.exe	101
PID 452 wrote to memory of 2556	452	rundll32.exe	102
PID 452 wrote to memory of 2556	452	rundll32.exe	102
PID 452 wrote to memory of 2556	452	rundll32.exe	102
PID 2556 wrote to memory of 2728	2556	rundll32.exe	103
PID 2556 wrote to memory of 2728	2556	rundll32.exe	103
PID 2556 wrote to memory of 2728	2556	rundll32.exe	103
PID 2728 wrote to memory of 2016	2728	rundll32.exe	104
PID 2728 wrote to memory of 2016	2728	rundll32.exe	104
PID 2728 wrote to memory of 2016	2728	rundll32.exe	104
PID 2016 wrote to memory of 2212	2016	rundll32.exe	106
PID 2016 wrote to memory of 2212	2016	rundll32.exe	106
PID 2016 wrote to memory of 2212	2016	rundll32.exe	106
PID 2212 wrote to memory of 392	2212	rundll32.exe	107
PID 2212 wrote to memory of 392	2212	rundll32.exe	107
PID 2212 wrote to memory of 392	2212	rundll32.exe	107
PID 392 wrote to memory of 2804	392	rundll32.exe	109

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3092
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2056
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1060
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3348
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:1012
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:4244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:5084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:3040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:1812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:2316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:2728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:2016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        22⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        23⤵
        
        PID:2804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        24⤵
        
        PID:2408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        25⤵
        
        PID:4728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        26⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        27⤵
        
        PID:4524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        28⤵
        System Location Discovery: System Language Discovery
        
        PID:1156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        29⤵
        
        PID:4600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        30⤵
        
        PID:1416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        31⤵
        
        PID:5116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        32⤵
        
        PID:3980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        33⤵
        
        PID:3936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        34⤵
        
        PID:4340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        35⤵
        
        PID:4132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        36⤵
        
        PID:1612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        37⤵
        System Location Discovery: System Language Discovery
        
        PID:2468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        38⤵
        
        PID:2060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        39⤵
        
        PID:3392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        40⤵
        
        PID:1616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        41⤵
        
        PID:736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        42⤵
        
        PID:1580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        43⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        44⤵
        
        PID:3696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        45⤵
        
        PID:1876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        46⤵
        
        PID:2756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        47⤵
        
        PID:1992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        48⤵
        System Location Discovery: System Language Discovery
        
        PID:3468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        49⤵
        
        PID:1764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        50⤵
        
        PID:2936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        51⤵
        
        PID:4076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        52⤵
        
        PID:2288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        53⤵
        
        PID:3952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        54⤵
        
        PID:4188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        55⤵
        
        PID:436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        56⤵
        
        PID:3764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        57⤵
        
        PID:2584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        58⤵
        
        PID:4488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        59⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        60⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        61⤵
        
        PID:376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        62⤵
        
        PID:916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        63⤵
        
        PID:3968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        64⤵
        
        PID:4152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        65⤵
        
        PID:880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        66⤵
        
        PID:3692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        67⤵
        
        PID:4400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        68⤵
        System Location Discovery: System Language Discovery
        
        PID:896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        69⤵
        
        PID:4748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        70⤵
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        71⤵
        
        PID:1728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        72⤵
        
        PID:3616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        73⤵
        
        PID:4376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        74⤵
        
        PID:264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        75⤵
        System Location Discovery: System Language Discovery
        
        PID:4052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        76⤵
        
        PID:2080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        77⤵
        
        PID:4544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        78⤵
        System Location Discovery: System Language Discovery
        
        PID:4944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        79⤵
        
        PID:3488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        80⤵
        
        PID:4704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        81⤵
        
        PID:2220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        82⤵
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        83⤵
        
        PID:4520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        84⤵
        
        PID:2808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        85⤵
        
        PID:3588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        86⤵
        
        PID:1404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        87⤵
        
        PID:1180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        88⤵
        
        PID:5068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        89⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        90⤵
        
        PID:3168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        91⤵
        
        PID:3604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        92⤵
        
        PID:4396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        93⤵
        
        PID:816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        94⤵
        
        PID:3752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        95⤵
        
        PID:1360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        96⤵
        
        PID:2312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        97⤵
        
        PID:2036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        98⤵
        System Location Discovery: System Language Discovery
        
        PID:1480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        99⤵
        
        PID:5040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        100⤵
        
        PID:1160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        101⤵
        
        PID:1440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        102⤵
        
        PID:4432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        103⤵
        
        PID:4564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        104⤵
        System Location Discovery: System Language Discovery
        
        PID:4548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        105⤵
        
        PID:4292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        106⤵
        
        PID:3976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        107⤵
        
        PID:868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        108⤵
        
        PID:3272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        109⤵
        
        PID:1532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        110⤵
        
        PID:2068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        111⤵
        
        PID:5136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        112⤵
        
        PID:5152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        113⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        114⤵
        
        PID:5184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        115⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        116⤵
        
        PID:5212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        117⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        118⤵
        
        PID:5240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        119⤵
        
        PID:5252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        120⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        121⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        122⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        123⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        124⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        125⤵
        System Location Discovery: System Language Discovery
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        126⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        127⤵
        
        PID:5372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        128⤵
        
        PID:5388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        129⤵
        
        PID:5404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        130⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        131⤵
        
        PID:5436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        132⤵
        
        PID:5452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        133⤵
        
        PID:5468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        134⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        135⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        136⤵
        System Location Discovery: System Language Discovery
        
        PID:5512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        137⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        138⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        139⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        140⤵
        
        PID:5572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        141⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        142⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        143⤵
        
        PID:5616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        144⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        145⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        146⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        147⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        148⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        149⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        150⤵
        
        PID:5720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        151⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        152⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        153⤵
        System Location Discovery: System Language Discovery
        
        PID:5768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        154⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        155⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        156⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        157⤵
        System Location Discovery: System Language Discovery
        
        PID:5828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        158⤵
        
        PID:5844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        159⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        160⤵
        
        PID:5876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        161⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        162⤵
        System Location Discovery: System Language Discovery
        
        PID:5908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        163⤵
        System Location Discovery: System Language Discovery
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        164⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        165⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        166⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        167⤵
        
        PID:5972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        168⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        169⤵
        
        PID:6000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        170⤵
        
        PID:6012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        171⤵
        
        PID:6028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        172⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        173⤵
        System Location Discovery: System Language Discovery
        
        PID:6060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        174⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        175⤵
        
        PID:6092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        176⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        177⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        178⤵
        
        PID:2724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        179⤵
        
        PID:4612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        180⤵
        
        PID:1484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        181⤵
        
        PID:1468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        182⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        183⤵
        
        PID:6176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        184⤵
        
        PID:6192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        185⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        186⤵
        
        PID:6224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        187⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        188⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        189⤵
        System Location Discovery: System Language Discovery
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        190⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        191⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        192⤵
        
        PID:6320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        193⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        194⤵
        
        PID:6348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        195⤵
        
        PID:6364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        196⤵
        
        PID:6380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        197⤵
        
        PID:6396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        198⤵
        System Location Discovery: System Language Discovery
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        199⤵
        
        PID:6428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        200⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        201⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        202⤵
        
        PID:6472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        203⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        204⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        205⤵
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        206⤵
        
        PID:6540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        207⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        208⤵
        
        PID:6572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        209⤵
        
        PID:6584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        210⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        211⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        212⤵
        
        PID:6644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        213⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        214⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        215⤵
        
        PID:6748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        216⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        217⤵
        
        PID:6800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        218⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        219⤵
        
        PID:6868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        220⤵
        System Location Discovery: System Language Discovery
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        221⤵
        System Location Discovery: System Language Discovery
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        222⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        223⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        224⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        225⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        226⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        227⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        228⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        229⤵
        System Location Discovery: System Language Discovery
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        230⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        231⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        232⤵
        
        PID:7140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        233⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        234⤵
        
        PID:7172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        235⤵
        
        PID:7188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        236⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        237⤵
        
        PID:7216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        238⤵
        
        PID:7232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        239⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        240⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        241⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        242⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        243⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        244⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        245⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        246⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        247⤵
        
        PID:7380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        248⤵
        System Location Discovery: System Language Discovery
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        249⤵
        
        PID:7412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        250⤵
        
        PID:7428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        251⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        252⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        253⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        254⤵
        
        PID:7480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        255⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        256⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        257⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        258⤵
        
        PID:7544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        259⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        260⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        261⤵
        
        PID:7592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        262⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        263⤵
        
        PID:7624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        264⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        265⤵
        
        PID:7652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        266⤵
        
        PID:7668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        267⤵
        
        PID:7684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        268⤵
        
        PID:7700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        269⤵
        
        PID:7716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        270⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        271⤵
        
        PID:7744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        272⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        273⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        274⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        275⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        276⤵
        
        PID:7824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        277⤵
        
        PID:7840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        278⤵
        System Location Discovery: System Language Discovery
        
        PID:7856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        279⤵
        
        PID:7872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        280⤵
        
        PID:7888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        281⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        282⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        283⤵
        
        PID:7936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        284⤵
        
        PID:7952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        285⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        286⤵
        System Location Discovery: System Language Discovery
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        287⤵
        
        PID:8000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        288⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        289⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        290⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        291⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        292⤵
        
        PID:8084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        293⤵
        
        PID:8100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        294⤵
        
        PID:8116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        295⤵
        
        PID:8132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        296⤵
        
        PID:8148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        297⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        298⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        299⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        300⤵
        
        PID:7068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        301⤵
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        302⤵
        System Location Discovery: System Language Discovery
        
        PID:8204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        303⤵
        
        PID:8220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        304⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        305⤵
        
        PID:8248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        306⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        307⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        308⤵
        
        PID:8288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        309⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        310⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        311⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        312⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        313⤵
        
        PID:8368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        314⤵
        System Location Discovery: System Language Discovery
        
        PID:8384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        315⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        316⤵
        
        PID:8416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        317⤵
        System Location Discovery: System Language Discovery
        
        PID:8432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        318⤵
        
        PID:8452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        319⤵
        
        PID:8484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        320⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        321⤵
        
        PID:8556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        322⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        323⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        324⤵
        
        PID:8612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        325⤵
        
        PID:8628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        326⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        327⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        328⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        329⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        330⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        331⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        332⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        333⤵
        System Location Discovery: System Language Discovery
        
        PID:8760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        334⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        335⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        336⤵
        
        PID:8808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        337⤵
        
        PID:8824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        338⤵
        
        PID:8840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        339⤵
        
        PID:8852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        340⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        341⤵
        
        PID:8888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        342⤵
        
        PID:8904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        343⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        344⤵
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        345⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        346⤵
        
        PID:8960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        347⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        348⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        349⤵
        
        PID:9004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        350⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        351⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        352⤵
        
        PID:9052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        353⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        354⤵
        
        PID:9084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        355⤵
        
        PID:9100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        356⤵
        System Location Discovery: System Language Discovery
        
        PID:9116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        357⤵
        
        PID:9132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        358⤵
        
        PID:9148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        359⤵
        
        PID:9160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        360⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        361⤵
        System Location Discovery: System Language Discovery
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        362⤵
        
        PID:9204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        363⤵
        System Location Discovery: System Language Discovery
        
        PID:8040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        364⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        365⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        366⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        367⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        368⤵
        
        PID:9248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        369⤵
        
        PID:9264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        370⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        371⤵
        
        PID:9296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        372⤵
        
        PID:9312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        373⤵
        
        PID:9328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        374⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        375⤵
        
        PID:9360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        376⤵
        
        PID:9372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        377⤵
        
        PID:9388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        378⤵
        
        PID:9408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        379⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        380⤵
        
        PID:9440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        381⤵
        
        PID:9456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        382⤵
        
        PID:9472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        383⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        384⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        385⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        386⤵
        
        PID:9576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        387⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        388⤵
        
        PID:9604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        389⤵
        
        PID:9624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        390⤵
        
        PID:9640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        391⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        392⤵
        
        PID:9672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        393⤵
        
        PID:9688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        394⤵
        
        PID:9700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        395⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        396⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        397⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        398⤵
        System Location Discovery: System Language Discovery
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        399⤵
        System Location Discovery: System Language Discovery
        
        PID:9780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        400⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        401⤵
        
        PID:9808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        402⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        403⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        404⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        405⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        406⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        407⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        408⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        409⤵
        System Location Discovery: System Language Discovery
        
        PID:9932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        410⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        411⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        412⤵
        
        PID:9980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        413⤵
        
        PID:9996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        414⤵
        
        PID:10012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        415⤵
        
        PID:10028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        416⤵
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        417⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        418⤵
        
        PID:10064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        419⤵
        
        PID:10080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        420⤵
        
        PID:10096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        421⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        422⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        423⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        424⤵
        
        PID:10156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        425⤵
        
        PID:10172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        426⤵
        
        PID:10192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        427⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        428⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        429⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        430⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        431⤵
        
        PID:10300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        432⤵
        
        PID:10344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        433⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        434⤵
        
        PID:10400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        435⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        436⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        437⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        438⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        439⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        440⤵
        
        PID:10572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        441⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        442⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        443⤵
        
        PID:10624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        444⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        445⤵
        
        PID:10688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        446⤵
        
        PID:10704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        447⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        448⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        449⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        450⤵
        
        PID:10776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        451⤵
        
        PID:10792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        452⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        453⤵
        
        PID:10824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        454⤵
        
        PID:10840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        455⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        456⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        457⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        458⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        459⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        460⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        461⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        462⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        463⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        464⤵
        
        PID:11004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        465⤵
        
        PID:11024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        466⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        467⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        468⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        469⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        470⤵
        
        PID:11104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        471⤵
        
        PID:11120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        472⤵
        
        PID:11136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        473⤵
        
        PID:11152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        474⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        475⤵
        
        PID:11184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        476⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        477⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        478⤵
        
        PID:11232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        479⤵
        
        PID:11248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        480⤵
        
        PID:10276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        481⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        482⤵
        
        PID:10296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        483⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        484⤵
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        485⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        486⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        487⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        488⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        489⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        490⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        491⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        492⤵
        
        PID:11380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        493⤵
        
        PID:11392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        494⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        495⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        496⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        497⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        498⤵
        System Location Discovery: System Language Discovery
        
        PID:11468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        499⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        500⤵
        
        PID:11504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        501⤵
        
        PID:11524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        502⤵
        
        PID:11540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        503⤵
        
        PID:11556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        504⤵
        
        PID:11572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        505⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        506⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        507⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        508⤵
        
        PID:11632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        509⤵
        
        PID:11648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        510⤵
        
        PID:11660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        511⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        512⤵
        
        PID:11696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        513⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        514⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        515⤵
        
        PID:11736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        516⤵
        
        PID:11752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        517⤵
        
        PID:11768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        518⤵
        
        PID:11784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        519⤵
        
        PID:11800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        520⤵
        
        PID:11816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        521⤵
        
        PID:11828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        522⤵
        
        PID:11844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        523⤵
        
        PID:11860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        524⤵
        
        PID:11872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        525⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        526⤵
        
        PID:11900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        527⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        528⤵
        
        PID:11932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        529⤵
        
        PID:11948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        530⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        531⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        532⤵
        
        PID:12000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        533⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        534⤵
        
        PID:12028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        535⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        536⤵
        System Location Discovery: System Language Discovery
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        537⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        538⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        539⤵
        
        PID:12104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        540⤵
        
        PID:12120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        541⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        542⤵
        
        PID:12152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        543⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        544⤵
        
        PID:12176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        545⤵
        
        PID:12192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        546⤵
        
        PID:12208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        547⤵
        
        PID:12224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        548⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        549⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        550⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        551⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        552⤵
        
        PID:1900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        553⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        554⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        555⤵
        
        PID:5360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        556⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        557⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        558⤵
        
        PID:12316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        559⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        560⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        561⤵
        
        PID:12360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        562⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        563⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        564⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        565⤵
        
        PID:12424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        566⤵
        
        PID:12440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        567⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        568⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        569⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        570⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        571⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        572⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        573⤵
        
        PID:12548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        574⤵
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        575⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        576⤵
        
        PID:12592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        577⤵
        System Location Discovery: System Language Discovery
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        578⤵
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        579⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        580⤵
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        581⤵
        
        PID:12668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        582⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        583⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        584⤵
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        585⤵
        
        PID:12728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        586⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        587⤵
        System Location Discovery: System Language Discovery
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        588⤵
        System Location Discovery: System Language Discovery
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        589⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        590⤵
        
        PID:12804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        591⤵
        
        PID:12820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        592⤵
        System Location Discovery: System Language Discovery
        
        PID:12836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        593⤵
        
        PID:12852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        594⤵
        
        PID:12864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        595⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        596⤵
        
        PID:12896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        597⤵
        
        PID:12912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        598⤵
        
        PID:12928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        599⤵
        System Location Discovery: System Language Discovery
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        600⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        601⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        602⤵
        System Location Discovery: System Language Discovery
        
        PID:12988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        603⤵
        
        PID:13004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        604⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        605⤵
        
        PID:13040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        606⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        607⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        608⤵
        
        PID:13088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        609⤵
        
        PID:13104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        610⤵
        
        PID:13136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        611⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        612⤵
        
        PID:13172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        613⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        614⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        615⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        616⤵
        System Location Discovery: System Language Discovery
        
        PID:13228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        617⤵
        
        PID:13248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        618⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        619⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        620⤵
        System Location Discovery: System Language Discovery
        
        PID:13296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        621⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        622⤵
        
        PID:12216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        623⤵
        
        PID:13328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        624⤵
        
        PID:13344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        625⤵
        
        PID:13364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        626⤵
        
        PID:13380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        627⤵
        
        PID:13396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        628⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        629⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        630⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        631⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        632⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        633⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        634⤵
        
        PID:13504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        635⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        636⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        637⤵
        
        PID:13552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        638⤵
        
        PID:13572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        639⤵
        
        PID:13584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        640⤵
        System Location Discovery: System Language Discovery
        
        PID:13600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        641⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        642⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        643⤵
        
        PID:13644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        644⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        645⤵
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        646⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        647⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        648⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        649⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        650⤵
        
        PID:13748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        651⤵
        System Location Discovery: System Language Discovery
        
        PID:13764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        652⤵
        
        PID:13780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        653⤵
        
        PID:13796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        654⤵
        
        PID:13812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        655⤵
        
        PID:13828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        656⤵
        
        PID:13844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        657⤵
        
        PID:13860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        658⤵
        
        PID:13872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        659⤵
        
        PID:13888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        660⤵
        
        PID:13904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        661⤵
        
        PID:13916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        662⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        663⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        664⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        665⤵
        
        PID:13980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        666⤵
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        667⤵
        
        PID:14012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        668⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        669⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        670⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        671⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        672⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        673⤵
        
        PID:14104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        674⤵
        
        PID:14120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        675⤵
        
        PID:14136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        676⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        677⤵
        
        PID:14168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        678⤵
        
        PID:14184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        679⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        680⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        681⤵
        
        PID:14224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        682⤵
        
        PID:14244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        683⤵
        
        PID:14260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        684⤵
        
        PID:14276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        685⤵
        
        PID:14292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        686⤵
        
        PID:14308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        687⤵
        System Location Discovery: System Language Discovery
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        688⤵
        System Location Discovery: System Language Discovery
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        689⤵
        
        PID:6936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        690⤵
        
        PID:968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        691⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        692⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        693⤵
        
        PID:14376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        694⤵
        
        PID:14392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        695⤵
        
        PID:14408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        696⤵
        
        PID:14424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        697⤵
        
        PID:14436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        698⤵
        
        PID:14448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        699⤵
        
        PID:14460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        700⤵
        System Location Discovery: System Language Discovery
        
        PID:14476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        701⤵
        
        PID:14492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        702⤵
        
        PID:14504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        703⤵
        
        PID:14520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        704⤵
        
        PID:14536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        705⤵
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        706⤵
        
        PID:14564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        707⤵
        
        PID:14580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        708⤵
        System Location Discovery: System Language Discovery
        
        PID:14596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        709⤵
        
        PID:14608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        710⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        711⤵
        System Location Discovery: System Language Discovery
        
        PID:14636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        712⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        713⤵
        
        PID:14664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        714⤵
        
        PID:14676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        715⤵
        
        PID:14688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        716⤵
        
        PID:14700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        717⤵
        
        PID:14716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        718⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        719⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        720⤵
        
        PID:14760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        721⤵
        
        PID:14772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        722⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        723⤵
        
        PID:14808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        724⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        725⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        726⤵
        System Location Discovery: System Language Discovery
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        727⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        728⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        729⤵
        
        PID:14904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        730⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        731⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        732⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        733⤵
        
        PID:14968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        734⤵
        
        PID:14984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        735⤵
        
        PID:15000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        736⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        737⤵
        
        PID:15032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        738⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        739⤵
        
        PID:15064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        740⤵
        
        PID:15076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        741⤵
        
        PID:15092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        742⤵
        
        PID:15108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        743⤵
        
        PID:15124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        744⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        745⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        746⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        747⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        748⤵
        
        PID:15204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        749⤵
        
        PID:15220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        750⤵
        System Location Discovery: System Language Discovery
        
        PID:15236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        751⤵
        
        PID:15252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        752⤵
        
        PID:15268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        753⤵
        
        PID:15284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        754⤵
        
        PID:15300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        755⤵
        System Location Discovery: System Language Discovery
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        756⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        757⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        758⤵
        
        PID:14796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        759⤵
        System Location Discovery: System Language Discovery
        
        PID:15372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        760⤵
        
        PID:15388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        761⤵
        
        PID:15400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        762⤵
        
        PID:15416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        763⤵
        
        PID:15432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        764⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        765⤵
        System Location Discovery: System Language Discovery
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        766⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        767⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        768⤵
        System Location Discovery: System Language Discovery
        
        PID:15516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        769⤵
        
        PID:15532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        770⤵
        
        PID:15548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        771⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        772⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        773⤵
        
        PID:15592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        774⤵
        
        PID:15608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        775⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        776⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        777⤵
        System Location Discovery: System Language Discovery
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        778⤵
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        779⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        780⤵
        System Location Discovery: System Language Discovery
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        781⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        782⤵
        
        PID:15732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        783⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        784⤵
        
        PID:15764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        785⤵
        
        PID:15780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        786⤵
        
        PID:15796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        787⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        788⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        789⤵
        
        PID:15844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        790⤵
        
        PID:15860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        791⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        792⤵
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        793⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        794⤵
        
        PID:15924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        795⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        796⤵
        System Location Discovery: System Language Discovery
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        797⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        798⤵
        System Location Discovery: System Language Discovery
        
        PID:15980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        799⤵
        
        PID:15996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        800⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        801⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        802⤵
        
        PID:16040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        803⤵
        
        PID:16052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        804⤵
        
        PID:16068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        805⤵
        
        PID:16084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        806⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        807⤵
        
        PID:16120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        808⤵
        
        PID:16132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        809⤵
        
        PID:16144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        810⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        811⤵
        
        PID:16172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        812⤵
        
        PID:16188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        813⤵
        
        PID:16204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        814⤵
        
        PID:16216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        815⤵
        
        PID:16232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        816⤵
        
        PID:16248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        817⤵
        
        PID:16264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        818⤵
        
        PID:16280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        819⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        820⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        821⤵
        
        PID:16324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        822⤵
        
        PID:16340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        823⤵
        
        PID:16352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        824⤵
        
        PID:16368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        825⤵
        System Location Discovery: System Language Discovery
        
        PID:15440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        826⤵
        
        PID:16400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        827⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        828⤵
        
        PID:16432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        829⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        830⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        831⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        832⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        833⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        834⤵
        
        PID:16528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        835⤵
        
        PID:16544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        836⤵
        System Location Discovery: System Language Discovery
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        837⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        838⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        839⤵
        
        PID:16608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        840⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        841⤵
        
        PID:16640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        842⤵
        
        PID:16656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        843⤵
        
        PID:16672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        844⤵
        
        PID:16688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        845⤵
        
        PID:16708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        846⤵
        System Location Discovery: System Language Discovery
        
        PID:16724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        847⤵
        
        PID:16740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        848⤵
        
        PID:16756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        849⤵
        
        PID:16772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        850⤵
        
        PID:16788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        851⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        852⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        853⤵
        
        PID:16836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        854⤵
        
        PID:16852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        855⤵
        
        PID:16868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        856⤵
        
        PID:16884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        857⤵
        
        PID:16900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        858⤵
        
        PID:16916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        859⤵
        
        PID:16932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        860⤵
        
        PID:16948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        861⤵
        
        PID:16964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        862⤵
        
        PID:16976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        863⤵
        
        PID:16992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        864⤵
        
        PID:17008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        865⤵
        
        PID:17024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        866⤵
        
        PID:17040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        867⤵
        
        PID:17056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        868⤵
        
        PID:17072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        869⤵
        
        PID:17088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        870⤵
        
        PID:17104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        871⤵
        
        PID:17120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        872⤵
        
        PID:17136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        873⤵
        
        PID:17152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        874⤵
        
        PID:17168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        875⤵
        
        PID:17184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        876⤵
        
        PID:17200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        877⤵
        
        PID:17216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        878⤵
        
        PID:17232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        879⤵
        
        PID:17248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\2804-4-0x0000000001D20000-0x0000000001F14000-memory.dll,#1
        880⤵
        
        PID:17264

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/17216-2-0x00000000757C0000-0x0000000075A44000-memory.dmp

Filesize
2.5MB

Download
memory/17232-1-0x00000000757C0000-0x0000000075A44000-memory.dmp

Filesize
2.5MB

Download