a126ffd2862e2469d70ad89dcfea538312149d87b310a9964e8f676d132d100a

Analysis

max time kernel
150s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
02-12-2024 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Size

387KB
MD5

b938d57b74f198266f87c1fad3cc9942
SHA1

357ac64c996fc8262c69d0b185aea7dd44c1c834
SHA256

a126ffd2862e2469d70ad89dcfea538312149d87b310a9964e8f676d132d100a
SHA512

4f38d23bb54989dc4f2c08f6d1cb28a69d892b1db09ddc273020e84c8a001402bef748c76b27c48c62980d0bcb63480e8609a29efb76a9c0ad24fcde235b74dd
SSDEEP

6144:uR9ZCPtp9jmcD66RRjK795QhRORemcsR6xaNd3wyMBHBToREujB5wZl5DLfVq4m4:uMtqcD663KE+RDcCNFw7BhD5LfV1PyE

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1520	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4320	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2892	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2568	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3152	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	592	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4952	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4900	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4348	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1628	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	676	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4768	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3128	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3172	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3148	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4860	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3580	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2436	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4504	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2984	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1392	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	312	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4324	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1932	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4980	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3080	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	752	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2876	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3960	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2948	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	5052	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3824	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3376	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1352	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3624	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3528	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4464	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3224	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4388	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1788	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2160	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1020	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2084	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1628	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	676	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4672	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2992	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3780	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1580	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4476	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4056	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	1392	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	312	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4324	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3052	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4980	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3080	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	4236	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2876	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2648	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	2948	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	5052	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	3824	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
Token: SeDebugPrivilege	232	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1520 wrote to memory of 4320	1520	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	85
PID 1520 wrote to memory of 4320	1520	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	85
PID 4320 wrote to memory of 2892	4320	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	86
PID 4320 wrote to memory of 2892	4320	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	86
PID 2892 wrote to memory of 2568	2892	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	87
PID 2892 wrote to memory of 2568	2892	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	87
PID 2568 wrote to memory of 3152	2568	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	88
PID 2568 wrote to memory of 3152	2568	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	88
PID 3152 wrote to memory of 592	3152	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	89
PID 3152 wrote to memory of 592	3152	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	89
PID 592 wrote to memory of 4952	592	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	90
PID 592 wrote to memory of 4952	592	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	90
PID 4952 wrote to memory of 4900	4952	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	91
PID 4952 wrote to memory of 4900	4952	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	91
PID 4900 wrote to memory of 4348	4900	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	92
PID 4900 wrote to memory of 4348	4900	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	92
PID 4348 wrote to memory of 1628	4348	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	93
PID 4348 wrote to memory of 1628	4348	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	93
PID 1628 wrote to memory of 676	1628	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	94
PID 1628 wrote to memory of 676	1628	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	94
PID 676 wrote to memory of 4768	676	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	95
PID 676 wrote to memory of 4768	676	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	95
PID 4768 wrote to memory of 3128	4768	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	96
PID 4768 wrote to memory of 3128	4768	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	96
PID 3128 wrote to memory of 3172	3128	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	97
PID 3128 wrote to memory of 3172	3128	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	97
PID 3172 wrote to memory of 3148	3172	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	98
PID 3172 wrote to memory of 3148	3172	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	98
PID 3148 wrote to memory of 4860	3148	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	99
PID 3148 wrote to memory of 4860	3148	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	99
PID 4860 wrote to memory of 3580	4860	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	100
PID 4860 wrote to memory of 3580	4860	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	100
PID 3580 wrote to memory of 2436	3580	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	101
PID 3580 wrote to memory of 2436	3580	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	101
PID 2436 wrote to memory of 4504	2436	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	102
PID 2436 wrote to memory of 4504	2436	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	102
PID 4504 wrote to memory of 2984	4504	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	103
PID 4504 wrote to memory of 2984	4504	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	103
PID 2984 wrote to memory of 1392	2984	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	104
PID 2984 wrote to memory of 1392	2984	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	104
PID 1392 wrote to memory of 312	1392	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	105
PID 1392 wrote to memory of 312	1392	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	105
PID 312 wrote to memory of 4324	312	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	106
PID 312 wrote to memory of 4324	312	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	106
PID 4324 wrote to memory of 1932	4324	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	107
PID 4324 wrote to memory of 1932	4324	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	107
PID 1932 wrote to memory of 4980	1932	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	108
PID 1932 wrote to memory of 4980	1932	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	108
PID 4980 wrote to memory of 3080	4980	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	109
PID 4980 wrote to memory of 3080	4980	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	109
PID 3080 wrote to memory of 752	3080	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	110
PID 3080 wrote to memory of 752	3080	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	110
PID 752 wrote to memory of 2876	752	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	113
PID 752 wrote to memory of 2876	752	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	113
PID 2876 wrote to memory of 3960	2876	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	114
PID 2876 wrote to memory of 3960	2876	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	114
PID 3960 wrote to memory of 2948	3960	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	115
PID 3960 wrote to memory of 2948	3960	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	115
PID 2948 wrote to memory of 5052	2948	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	116
PID 2948 wrote to memory of 5052	2948	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	116
PID 5052 wrote to memory of 3824	5052	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	117
PID 5052 wrote to memory of 3824	5052	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	117
PID 3824 wrote to memory of 3376	3824	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	121
PID 3824 wrote to memory of 3376	3824	b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe	121

C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1520
- C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:4320
- - C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
    C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
    3⤵
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2892
  - - C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
      C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
      4⤵
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of WriteProcessMemory
      PID:2568
    - - C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        5⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3152
      - C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        6⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        7⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        8⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        9⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        10⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        11⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:676
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        12⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        13⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        14⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        15⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        16⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        17⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        18⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        19⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        20⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        21⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        22⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        23⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        24⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        25⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        26⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        27⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        28⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        29⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        30⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        31⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        32⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        33⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2160
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:676
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4236
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:232
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        65⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        66⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        67⤵
        
        PID:1036
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        68⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        69⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        70⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        71⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        72⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        73⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        74⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        75⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        76⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        77⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        78⤵
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        79⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        80⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        81⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        82⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        83⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        84⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        85⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        86⤵
        
        PID:312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        87⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        88⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        89⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        90⤵
        
        PID:656
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        91⤵
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        92⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        93⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        94⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        95⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        96⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        97⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        98⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        99⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        100⤵
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        101⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        102⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        103⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        104⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        105⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        106⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        107⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        108⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        109⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        110⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        111⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        112⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        113⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        114⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        115⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        116⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        117⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        118⤵
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        119⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        120⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        121⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        122⤵
        
        PID:3836
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        123⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        124⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        125⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        126⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        127⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        128⤵
        
        PID:3176
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        129⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        130⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        131⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        132⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        133⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        134⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        135⤵
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        136⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        137⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        138⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        139⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        140⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        141⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        142⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        143⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        144⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        145⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        146⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        147⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        148⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        149⤵
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        150⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        151⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        152⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        153⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        154⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        155⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        156⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        157⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        158⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        159⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        160⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        161⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        162⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        163⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        164⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        165⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        166⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        167⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        168⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        169⤵
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        170⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        171⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        172⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        173⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        174⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        175⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        176⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        177⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        178⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        179⤵
        
        PID:1240
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        180⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        181⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        182⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        183⤵
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        184⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        185⤵
        
        PID:4300
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        186⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        187⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        188⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        189⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        190⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        191⤵
        
        PID:4872
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        192⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        193⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        194⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        195⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        196⤵
        
        PID:816
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        197⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        198⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        199⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        200⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        201⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        202⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        203⤵
        
        PID:4536
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        204⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        205⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        206⤵
        
        PID:4928
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        207⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        208⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        209⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        210⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        211⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        212⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        213⤵
        
        PID:784
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        214⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        215⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        216⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        217⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        218⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        219⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        220⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        221⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        222⤵
        
        PID:4300
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        223⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        224⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        225⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        226⤵
        
        PID:4328
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        227⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        228⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        229⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        230⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        231⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        232⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        233⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        234⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        235⤵
        
        PID:4196
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        236⤵
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        237⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        238⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        239⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        240⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        241⤵
        
        PID:4536
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        242⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        243⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        244⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        245⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        246⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        247⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        248⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        249⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        250⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        251⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        252⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        253⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        254⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        255⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        256⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        257⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        258⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        259⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        260⤵
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        261⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        262⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        263⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        264⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        265⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        266⤵
        
        PID:3836
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        267⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        268⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        269⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        270⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        271⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        272⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        273⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        274⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        275⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        276⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        277⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        278⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        279⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        280⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        281⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        282⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        283⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        284⤵
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        285⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        286⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        287⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        288⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        289⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        290⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        291⤵
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        292⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        293⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        294⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        295⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        296⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        297⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        298⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        299⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        300⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        301⤵
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        302⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        303⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        304⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        305⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        306⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        307⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        308⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        309⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        310⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        311⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        312⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        313⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        314⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        315⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        316⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        317⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        318⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        319⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        320⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        321⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        322⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        323⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        324⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        325⤵
        
        PID:4792
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        326⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        327⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        328⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        329⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        330⤵
        
        PID:784
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        331⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        332⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        333⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        334⤵
        
        PID:2504
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        335⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        336⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        337⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        338⤵
        
        PID:3116
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        339⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        340⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        341⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        342⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        343⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        344⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        345⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        346⤵
        
        PID:4336
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        347⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        348⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        349⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        350⤵
        
        PID:4448
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        351⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        352⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        353⤵
        
        PID:4196
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        354⤵
        
        PID:4324
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        355⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        356⤵
        
        PID:4436
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        357⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        358⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        359⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        360⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        361⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        362⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        363⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        364⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        365⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        366⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        367⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        368⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        369⤵
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        370⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        371⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        372⤵
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        373⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        374⤵
        
        PID:784
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        375⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        376⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        377⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        378⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        379⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        380⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        381⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        382⤵
        
        PID:4284
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        383⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        384⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        385⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        386⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        387⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        388⤵
        
        PID:4668
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        389⤵
        
        PID:4800
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        390⤵
        
        PID:4872
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        391⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        392⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        393⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        394⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        395⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        396⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        397⤵
        
        PID:4416
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        398⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        399⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        400⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        401⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        402⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        403⤵
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        404⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        405⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        406⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        407⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        408⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        409⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        410⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        411⤵
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        412⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        413⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        414⤵
        
        PID:4620
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        415⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        416⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        417⤵
        
        PID:3092
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        418⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        419⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        420⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        421⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        422⤵
        
        PID:4788
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        423⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        424⤵
        
        PID:404
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        425⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        426⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        
        C:\Users\Admin\AppData\Local\Temp\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe
        427⤵
        
        PID:3704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\b938d57b74f198266f87c1fad3cc9942_JaffaCakes118.exe.log

Filesize
128B

MD5
3d238ac6dd6710907edf2ad7893a0ed2

SHA1
b07aaeeb31bdc6e94097a254be088b092dc1fb68

SHA256
02d215d5b6ea166e6c4c4669547cbadecbb427d5baf394fbffc7ef374a967501

SHA512
c358aa68303aa99ebc019014b4c1fc2fbfa98733f1ea863bf78ca2b877dc5c610121115432d96504df9e43bdda637b067359b07228b6f129bc5ec9a01ed3ee24

Download Submit
memory/1520-0-0x00007FFDCF855000-0x00007FFDCF856000-memory.dmp

Filesize
4KB

Download
memory/1520-1-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/1520-2-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/1520-5-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/2892-9-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/2892-10-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/2892-11-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/2892-12-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/4320-6-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/4320-7-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download
memory/4320-8-0x00007FFDCF5A0000-0x00007FFDCFF41000-memory.dmp

Filesize
9.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads