a410d04d919c39d5f6be80f4a8a6eb61dafbd57f1b867cdc48c213d37d2f5786

Analysis

max time kernel
150s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10-01-2025 19:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Size

844KB
MD5

ecba252daf2e1fb8b65b0af04bb6385d
SHA1

18956962cf9c921f8b86a9f21bb6c2de8202f344
SHA256

a410d04d919c39d5f6be80f4a8a6eb61dafbd57f1b867cdc48c213d37d2f5786
SHA512

3b131ee7b34280932cd1a1cbb1712c3a294a145974fd5d4f58a0fde3dad30c1686693eee3b4793d0af41162ad74c9064ef96b62c4edd5bc8b86b809aa4bcac3e
SSDEEP

12288:NDL6oxYlzaD69WuBq1C6MHCssAJ/S/YT4n2WwL1Sk4bZAGFqNWuKFhUOyUbWN5l:tGvEAttsw/SI4n2HSkOgN+Vy3l

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 436 wrote to memory of 804	436	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	83
PID 436 wrote to memory of 804	436	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	83
PID 436 wrote to memory of 804	436	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	83
PID 804 wrote to memory of 4296	804	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	84
PID 804 wrote to memory of 4296	804	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	84
PID 804 wrote to memory of 4296	804	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	84
PID 4296 wrote to memory of 372	4296	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	85
PID 4296 wrote to memory of 372	4296	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	85
PID 4296 wrote to memory of 372	4296	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	85
PID 372 wrote to memory of 1688	372	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	86
PID 372 wrote to memory of 1688	372	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	86
PID 372 wrote to memory of 1688	372	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	86
PID 1688 wrote to memory of 3472	1688	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	87
PID 1688 wrote to memory of 3472	1688	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	87
PID 1688 wrote to memory of 3472	1688	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	87
PID 3472 wrote to memory of 3576	3472	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	88
PID 3472 wrote to memory of 3576	3472	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	88
PID 3472 wrote to memory of 3576	3472	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	88
PID 3576 wrote to memory of 5060	3576	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	90
PID 3576 wrote to memory of 5060	3576	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	90
PID 3576 wrote to memory of 5060	3576	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	90
PID 5060 wrote to memory of 2544	5060	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	91
PID 5060 wrote to memory of 2544	5060	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	91
PID 5060 wrote to memory of 2544	5060	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	91
PID 2544 wrote to memory of 3716	2544	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	92
PID 2544 wrote to memory of 3716	2544	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	92
PID 2544 wrote to memory of 3716	2544	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	92
PID 3716 wrote to memory of 1320	3716	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	93
PID 3716 wrote to memory of 1320	3716	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	93
PID 3716 wrote to memory of 1320	3716	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	93
PID 1320 wrote to memory of 2776	1320	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	94
PID 1320 wrote to memory of 2776	1320	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	94
PID 1320 wrote to memory of 2776	1320	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	94
PID 2776 wrote to memory of 4568	2776	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	95
PID 2776 wrote to memory of 4568	2776	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	95
PID 2776 wrote to memory of 4568	2776	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	95
PID 4568 wrote to memory of 1220	4568	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	96
PID 4568 wrote to memory of 1220	4568	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	96
PID 4568 wrote to memory of 1220	4568	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	96
PID 1220 wrote to memory of 3340	1220	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	97
PID 1220 wrote to memory of 3340	1220	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	97
PID 1220 wrote to memory of 3340	1220	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	97
PID 3340 wrote to memory of 3048	3340	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	98
PID 3340 wrote to memory of 3048	3340	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	98
PID 3340 wrote to memory of 3048	3340	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	98
PID 3048 wrote to memory of 3888	3048	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	99
PID 3048 wrote to memory of 3888	3048	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	99
PID 3048 wrote to memory of 3888	3048	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	99
PID 3888 wrote to memory of 4540	3888	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	100
PID 3888 wrote to memory of 4540	3888	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	100
PID 3888 wrote to memory of 4540	3888	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	100
PID 4540 wrote to memory of 3488	4540	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	101
PID 4540 wrote to memory of 3488	4540	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	101
PID 4540 wrote to memory of 3488	4540	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	101
PID 3488 wrote to memory of 2336	3488	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	102
PID 3488 wrote to memory of 2336	3488	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	102
PID 3488 wrote to memory of 2336	3488	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	102
PID 2336 wrote to memory of 2800	2336	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	103
PID 2336 wrote to memory of 2800	2336	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	103
PID 2336 wrote to memory of 2800	2336	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	103
PID 2800 wrote to memory of 3764	2800	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	104
PID 2800 wrote to memory of 3764	2800	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	104
PID 2800 wrote to memory of 3764	2800	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	104
PID 3764 wrote to memory of 3020	3764	JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe	105

C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:436
- C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
  "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:804
- - C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:4296
  - - C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
      "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:372
    - - C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:1688
      - C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3472
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        9⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:1320
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        12⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4568
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        17⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:4540
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        23⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        24⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        25⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        26⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        27⤵
        
        PID:4396
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        28⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        29⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        30⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        31⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        32⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        33⤵
        System Location Discovery: System Language Discovery
        
        PID:3568
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        34⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        35⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        36⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        37⤵
        System Location Discovery: System Language Discovery
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        38⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        39⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        40⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        41⤵
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        42⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        43⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        44⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        45⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        46⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        47⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        48⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        49⤵
        System Location Discovery: System Language Discovery
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        50⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        51⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        52⤵
        System Location Discovery: System Language Discovery
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        53⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        54⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        55⤵
        
        PID:3588
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        56⤵
        System Location Discovery: System Language Discovery
        
        PID:1320
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        57⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        58⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        59⤵
        System Location Discovery: System Language Discovery
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        60⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        61⤵
        
        PID:4004
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        62⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        63⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        64⤵
        
        PID:1820
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        65⤵
        System Location Discovery: System Language Discovery
        
        PID:220
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        66⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        67⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        68⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        69⤵
        System Location Discovery: System Language Discovery
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        70⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        71⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        72⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        73⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        74⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        75⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        76⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        77⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        78⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        79⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        80⤵
        
        PID:4944
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        81⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        82⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        83⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        84⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        85⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        86⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        87⤵
        System Location Discovery: System Language Discovery
        
        PID:3184
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        88⤵
        System Location Discovery: System Language Discovery
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        89⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        90⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        91⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        92⤵
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        93⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        94⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        95⤵
        System Location Discovery: System Language Discovery
        
        PID:1360
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        96⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        97⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        98⤵
        
        PID:1056
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        99⤵
        System Location Discovery: System Language Discovery
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        100⤵
        
        PID:4284
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        101⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        102⤵
        
        PID:4568
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        103⤵
        System Location Discovery: System Language Discovery
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        104⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        105⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        106⤵
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        107⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        108⤵
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        109⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        110⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        111⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        112⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        113⤵
        System Location Discovery: System Language Discovery
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        114⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        115⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        116⤵
        System Location Discovery: System Language Discovery
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        117⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        118⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        119⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        120⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        121⤵
        System Location Discovery: System Language Discovery
        
        PID:536
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        122⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        123⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        124⤵
        
        PID:4240
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        125⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        126⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        127⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        128⤵
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        129⤵
        
        PID:452
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        130⤵
        System Location Discovery: System Language Discovery
        
        PID:4944
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        131⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        132⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        133⤵
        System Location Discovery: System Language Discovery
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        134⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        135⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        136⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        137⤵
        
        PID:4260
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        138⤵
        System Location Discovery: System Language Discovery
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        139⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        140⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        141⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        142⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        143⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        144⤵
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        145⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        146⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        147⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        148⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        149⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        150⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        151⤵
        System Location Discovery: System Language Discovery
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        152⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        153⤵
        
        PID:4284
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        154⤵
        System Location Discovery: System Language Discovery
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        155⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        156⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        157⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        158⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        159⤵
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        160⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        161⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        162⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        163⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        164⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        165⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        166⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        167⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        168⤵
        
        PID:4716
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        169⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        170⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        171⤵
        System Location Discovery: System Language Discovery
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        172⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        173⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        174⤵
        System Location Discovery: System Language Discovery
        
        PID:4544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        175⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        176⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        177⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        178⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        179⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        180⤵
        System Location Discovery: System Language Discovery
        
        PID:4280
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        181⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        182⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        183⤵
        
        PID:4944
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        184⤵
        System Location Discovery: System Language Discovery
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        185⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        186⤵
        
        PID:3480
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        187⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        188⤵
        System Location Discovery: System Language Discovery
        
        PID:1184
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        189⤵
        System Location Discovery: System Language Discovery
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        190⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        191⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        192⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        193⤵
        
        PID:4428
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        194⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        195⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        196⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        197⤵
        System Location Discovery: System Language Discovery
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        198⤵
        
        PID:372
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        199⤵
        
        PID:4064
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        200⤵
        
        PID:3152
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        201⤵
        System Location Discovery: System Language Discovery
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        202⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        203⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        204⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        205⤵
        
        PID:4148
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        206⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        207⤵
        
        PID:936
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        208⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        209⤵
        System Location Discovery: System Language Discovery
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        210⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        211⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        212⤵
        
        PID:4740
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        213⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        214⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        215⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        216⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        217⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        218⤵
        
        PID:220
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        219⤵
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        220⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        221⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        222⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        223⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        224⤵
        System Location Discovery: System Language Discovery
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        225⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        226⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        227⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        228⤵
        System Location Discovery: System Language Discovery
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        229⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        230⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        231⤵
        
        PID:4152
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        232⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        233⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        234⤵
        System Location Discovery: System Language Discovery
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        235⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        236⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        237⤵
        
        PID:1444
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        238⤵
        
        PID:452
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        239⤵
        
        PID:3816
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        240⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        241⤵
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        242⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        243⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        244⤵
        System Location Discovery: System Language Discovery
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        245⤵
        
        PID:388
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        246⤵
        System Location Discovery: System Language Discovery
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        247⤵
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        248⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        249⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        250⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        251⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        252⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        253⤵
        
        PID:228
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        254⤵
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        255⤵
        System Location Discovery: System Language Discovery
        
        PID:372
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        256⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        257⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        258⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        259⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        260⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        261⤵
        System Location Discovery: System Language Discovery
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        262⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        263⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        264⤵
        System Location Discovery: System Language Discovery
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        265⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        266⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        267⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        268⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        269⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        270⤵
        
        PID:620
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        271⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        272⤵
        
        PID:4012
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        273⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        274⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        275⤵
        
        PID:100
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        276⤵
        System Location Discovery: System Language Discovery
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        277⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        278⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        279⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        280⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        281⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        282⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        283⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        284⤵
        System Location Discovery: System Language Discovery
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        285⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        286⤵
        System Location Discovery: System Language Discovery
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        287⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        288⤵
        System Location Discovery: System Language Discovery
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        289⤵
        System Location Discovery: System Language Discovery
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        290⤵
        System Location Discovery: System Language Discovery
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        291⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        292⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        293⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        294⤵
        System Location Discovery: System Language Discovery
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        295⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        296⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        297⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        298⤵
        System Location Discovery: System Language Discovery
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        299⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        300⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        301⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        302⤵
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        303⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        304⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        305⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        306⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        307⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        308⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        309⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        310⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        311⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        312⤵
        System Location Discovery: System Language Discovery
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        313⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        314⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        315⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        316⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        317⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        318⤵
        
        PID:548
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        319⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        320⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        321⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        322⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        323⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        324⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        325⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        326⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        327⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        328⤵
        
        PID:660
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        329⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        330⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        331⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        332⤵
        System Location Discovery: System Language Discovery
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        333⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        334⤵
        
        PID:5048
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        335⤵
        System Location Discovery: System Language Discovery
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        336⤵
        System Location Discovery: System Language Discovery
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        337⤵
        System Location Discovery: System Language Discovery
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        338⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        339⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        340⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        341⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        342⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        343⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        344⤵
        
        PID:1480
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        345⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        346⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        347⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        348⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        349⤵
        System Location Discovery: System Language Discovery
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        350⤵
        System Location Discovery: System Language Discovery
        
        PID:4544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        351⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        352⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        353⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        354⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        355⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        356⤵
        System Location Discovery: System Language Discovery
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        357⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        358⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        359⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        360⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        361⤵
        System Location Discovery: System Language Discovery
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        362⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        363⤵
        System Location Discovery: System Language Discovery
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        364⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        365⤵
        
        PID:388
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        366⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        367⤵
        System Location Discovery: System Language Discovery
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        368⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        369⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        370⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        371⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        372⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        373⤵
        System Location Discovery: System Language Discovery
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        374⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        375⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        376⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        377⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        378⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        379⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        380⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        381⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        382⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        383⤵
        
        PID:4156
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        384⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        385⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        386⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        387⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        388⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        389⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        390⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        391⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        392⤵
        System Location Discovery: System Language Discovery
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        393⤵
        
        PID:100
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        394⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        395⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        396⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        397⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        398⤵
        
        PID:4436
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        399⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        400⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe
        
        "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ecba252daf2e1fb8b65b0af04bb6385d.exe"
        401⤵
        
        PID:2608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads