9e25c89846782ebffd2814e14b232447b20df9105cdfbc5a662c721360f0c7cd

Analysis

max time kernel
143s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
17-01-2025 20:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

hmc hotmail.4/H/System.Windows.Controls.Ribbon.dll
Size

717KB
MD5

c938bb2a9537df587d9a4ce01de447b9
SHA1

8aee2b2e1c7c6786817a5136d011f8427ac9b92e
SHA256

c3fd046e992f96a0f4b729a6864d07f2320dc2f87fb34033874429c1f03b6931
SHA512

70eb8ee86a99f25dc9a35bad85e1dcb82dd16babbea6f2a9e540687caa96de3ccbd1205117820802853b3aa922a302183df8ec9c2cd459a4d5c111958de34e3b
SSDEEP

12288:CDZDWzv+aVPZDpPBi87JBIgu7PO447irbrM+murmje0Prjk3rNr0kzqA7+pHlj99:OmUzpXlzEOIF6HX6

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4900 wrote to memory of 2584	4900	rundll32.exe	81
PID 4900 wrote to memory of 2584	4900	rundll32.exe	81
PID 4900 wrote to memory of 2584	4900	rundll32.exe	81
PID 2584 wrote to memory of 3388	2584	rundll32.exe	82
PID 2584 wrote to memory of 3388	2584	rundll32.exe	82
PID 2584 wrote to memory of 3388	2584	rundll32.exe	82
PID 3388 wrote to memory of 2168	3388	rundll32.exe	83
PID 3388 wrote to memory of 2168	3388	rundll32.exe	83
PID 3388 wrote to memory of 2168	3388	rundll32.exe	83
PID 2168 wrote to memory of 3036	2168	rundll32.exe	84
PID 2168 wrote to memory of 3036	2168	rundll32.exe	84
PID 2168 wrote to memory of 3036	2168	rundll32.exe	84
PID 3036 wrote to memory of 3968	3036	rundll32.exe	85
PID 3036 wrote to memory of 3968	3036	rundll32.exe	85
PID 3036 wrote to memory of 3968	3036	rundll32.exe	85
PID 3968 wrote to memory of 404	3968	rundll32.exe	86
PID 3968 wrote to memory of 404	3968	rundll32.exe	86
PID 3968 wrote to memory of 404	3968	rundll32.exe	86
PID 404 wrote to memory of 2340	404	rundll32.exe	87
PID 404 wrote to memory of 2340	404	rundll32.exe	87
PID 404 wrote to memory of 2340	404	rundll32.exe	87
PID 2340 wrote to memory of 1608	2340	rundll32.exe	88
PID 2340 wrote to memory of 1608	2340	rundll32.exe	88
PID 2340 wrote to memory of 1608	2340	rundll32.exe	88
PID 1608 wrote to memory of 1392	1608	rundll32.exe	89
PID 1608 wrote to memory of 1392	1608	rundll32.exe	89
PID 1608 wrote to memory of 1392	1608	rundll32.exe	89
PID 1392 wrote to memory of 3980	1392	rundll32.exe	90
PID 1392 wrote to memory of 3980	1392	rundll32.exe	90
PID 1392 wrote to memory of 3980	1392	rundll32.exe	90
PID 3980 wrote to memory of 3528	3980	rundll32.exe	91
PID 3980 wrote to memory of 3528	3980	rundll32.exe	91
PID 3980 wrote to memory of 3528	3980	rundll32.exe	91
PID 3528 wrote to memory of 3504	3528	rundll32.exe	92
PID 3528 wrote to memory of 3504	3528	rundll32.exe	92
PID 3528 wrote to memory of 3504	3528	rundll32.exe	92
PID 3504 wrote to memory of 4032	3504	rundll32.exe	93
PID 3504 wrote to memory of 4032	3504	rundll32.exe	93
PID 3504 wrote to memory of 4032	3504	rundll32.exe	93
PID 4032 wrote to memory of 5076	4032	rundll32.exe	94
PID 4032 wrote to memory of 5076	4032	rundll32.exe	94
PID 4032 wrote to memory of 5076	4032	rundll32.exe	94
PID 5076 wrote to memory of 3224	5076	rundll32.exe	95
PID 5076 wrote to memory of 3224	5076	rundll32.exe	95
PID 5076 wrote to memory of 3224	5076	rundll32.exe	95
PID 3224 wrote to memory of 3212	3224	rundll32.exe	96
PID 3224 wrote to memory of 3212	3224	rundll32.exe	96
PID 3224 wrote to memory of 3212	3224	rundll32.exe	96
PID 3212 wrote to memory of 1932	3212	rundll32.exe	97
PID 3212 wrote to memory of 1932	3212	rundll32.exe	97
PID 3212 wrote to memory of 1932	3212	rundll32.exe	97
PID 1932 wrote to memory of 3160	1932	rundll32.exe	98
PID 1932 wrote to memory of 3160	1932	rundll32.exe	98
PID 1932 wrote to memory of 3160	1932	rundll32.exe	98
PID 3160 wrote to memory of 3656	3160	rundll32.exe	99
PID 3160 wrote to memory of 3656	3160	rundll32.exe	99
PID 3160 wrote to memory of 3656	3160	rundll32.exe	99
PID 3656 wrote to memory of 2532	3656	rundll32.exe	100
PID 3656 wrote to memory of 2532	3656	rundll32.exe	100
PID 3656 wrote to memory of 2532	3656	rundll32.exe	100
PID 2532 wrote to memory of 1848	2532	rundll32.exe	101
PID 2532 wrote to memory of 1848	2532	rundll32.exe	101
PID 2532 wrote to memory of 1848	2532	rundll32.exe	101
PID 1848 wrote to memory of 1780	1848	rundll32.exe	102

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4900
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2584
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:3388
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
      4⤵
      System Location Discovery: System Language Discovery
      Suspicious use of WriteProcessMemory
      PID:2168
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3036
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:3968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:2340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:1608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:1392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:3980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:3504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        16⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:3224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:3212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:1932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:3656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:2532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:1848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        23⤵
        
        PID:1780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        24⤵
        System Location Discovery: System Language Discovery
        
        PID:224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        25⤵
        
        PID:2572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        26⤵
        
        PID:720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        27⤵
        
        PID:3644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        28⤵
        
        PID:4932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        29⤵
        
        PID:1756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        30⤵
        System Location Discovery: System Language Discovery
        
        PID:2704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        31⤵
        
        PID:4428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        32⤵
        
        PID:4772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        33⤵
        
        PID:1772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        34⤵
        
        PID:60
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        35⤵
        
        PID:724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        36⤵
        
        PID:4832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        37⤵
        
        PID:4636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        38⤵
        
        PID:2792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        39⤵
        
        PID:4720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        40⤵
        
        PID:1716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        41⤵
        
        PID:2888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        42⤵
        
        PID:3740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        43⤵
        
        PID:4248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        44⤵
        
        PID:3892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        45⤵
        
        PID:2396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        46⤵
        
        PID:4272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        47⤵
        
        PID:3440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        48⤵
        
        PID:3400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        49⤵
        
        PID:2140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        50⤵
        
        PID:1056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        51⤵
        
        PID:772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        52⤵
        
        PID:3660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        53⤵
        
        PID:3464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        54⤵
        
        PID:2108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        55⤵
        
        PID:4884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        56⤵
        
        PID:1296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        57⤵
        
        PID:4752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        58⤵
        
        PID:3768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        59⤵
        
        PID:3956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        60⤵
        
        PID:1436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        61⤵
        
        PID:3312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        62⤵
        
        PID:760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        63⤵
        
        PID:1120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        64⤵
        
        PID:4508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        65⤵
        
        PID:1236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:4536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        67⤵
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        68⤵
        
        PID:516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        69⤵
        
        PID:3492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        70⤵
        
        PID:3612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        71⤵
        
        PID:5052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        72⤵
        
        PID:652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        73⤵
        
        PID:3404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        74⤵
        System Location Discovery: System Language Discovery
        
        PID:4128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        75⤵
        
        PID:5020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        76⤵
        
        PID:3152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        77⤵
        
        PID:1308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        78⤵
        
        PID:1604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        79⤵
        
        PID:892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        80⤵
        
        PID:4324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        81⤵
        
        PID:212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        82⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        83⤵
        
        PID:4192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        84⤵
        
        PID:3032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        85⤵
        
        PID:3408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        86⤵
        
        PID:1660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        87⤵
        
        PID:2248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        88⤵
        
        PID:1732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        89⤵
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        90⤵
        
        PID:2696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        91⤵
        
        PID:3760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        92⤵
        
        PID:4960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        93⤵
        
        PID:4948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        94⤵
        
        PID:2020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        95⤵
        
        PID:1132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        96⤵
        
        PID:4796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        97⤵
        
        PID:3912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        98⤵
        
        PID:1284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        99⤵
        
        PID:2508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        100⤵
        
        PID:4052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        101⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        102⤵
        
        PID:2908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        103⤵
        
        PID:3680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        104⤵
        
        PID:3544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        105⤵
        
        PID:4864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        106⤵
        
        PID:3308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        107⤵
        
        PID:4828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        108⤵
        
        PID:1980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        109⤵
        
        PID:3832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        110⤵
        
        PID:2848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        111⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        112⤵
        
        PID:3556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        113⤵
        
        PID:4068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        114⤵
        
        PID:2120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        115⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        116⤵
        
        PID:4344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        117⤵
        System Location Discovery: System Language Discovery
        
        PID:3392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        118⤵
        System Location Discovery: System Language Discovery
        
        PID:3068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        119⤵
        
        PID:4436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        120⤵
        
        PID:5140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        121⤵
        
        PID:5156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        122⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        123⤵
        
        PID:5220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        124⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        125⤵
        
        PID:5296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        126⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        127⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        128⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        129⤵
        
        PID:5436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        130⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        131⤵
        
        PID:5472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        132⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        133⤵
        
        PID:5512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        134⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        135⤵
        
        PID:5560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        136⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        137⤵
        
        PID:5596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        138⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        139⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        140⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        141⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        142⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        143⤵
        
        PID:5688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        144⤵
        
        PID:5712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        145⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        146⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        147⤵
        
        PID:5756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        148⤵
        
        PID:5772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        149⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        150⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        151⤵
        
        PID:5820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        152⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        153⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        154⤵
        
        PID:5864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        155⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        156⤵
        
        PID:5896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        157⤵
        
        PID:5912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        158⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        159⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        160⤵
        
        PID:5956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        161⤵
        
        PID:5972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        162⤵
        
        PID:5988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        163⤵
        
        PID:6004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        164⤵
        
        PID:6020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        165⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        166⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        167⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        168⤵
        
        PID:6080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        169⤵
        
        PID:6100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        170⤵
        
        PID:6116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        171⤵
        
        PID:6132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        172⤵
        
        PID:5004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        173⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        174⤵
        
        PID:5252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        175⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        176⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        177⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        178⤵
        System Location Discovery: System Language Discovery
        
        PID:6204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        179⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        180⤵
        
        PID:6236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        181⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        182⤵
        System Location Discovery: System Language Discovery
        
        PID:6268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        183⤵
        
        PID:6284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        184⤵
        
        PID:6300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        185⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        186⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        187⤵
        
        PID:6340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        188⤵
        
        PID:6356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        189⤵
        
        PID:6372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        190⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        191⤵
        
        PID:6404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        192⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        193⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        194⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        195⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        196⤵
        
        PID:6516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        197⤵
        
        PID:6560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        198⤵
        
        PID:6576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        199⤵
        
        PID:6600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        200⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        201⤵
        System Location Discovery: System Language Discovery
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        202⤵
        
        PID:6648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        203⤵
        
        PID:6660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        204⤵
        
        PID:6672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        205⤵
        
        PID:6688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        206⤵
        
        PID:6700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        207⤵
        System Location Discovery: System Language Discovery
        
        PID:6716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        208⤵
        
        PID:6736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        209⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        210⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        211⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        212⤵
        
        PID:6820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        213⤵
        
        PID:6832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        214⤵
        
        PID:6848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        215⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        216⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        217⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        218⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        219⤵
        
        PID:6924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        220⤵
        
        PID:6940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        221⤵
        
        PID:6956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        222⤵
        
        PID:6972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        223⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        224⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        225⤵
        
        PID:7016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        226⤵
        
        PID:7032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        227⤵
        
        PID:7048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        228⤵
        
        PID:7064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        229⤵
        System Location Discovery: System Language Discovery
        
        PID:7076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        230⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        231⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        232⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        233⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        234⤵
        
        PID:7144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        235⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        236⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        237⤵
        
        PID:6588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        238⤵
        System Location Discovery: System Language Discovery
        
        PID:6524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        239⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        240⤵
        
        PID:7192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        241⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        242⤵
        
        PID:7224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        243⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        244⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        245⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        246⤵
        
        PID:7288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        247⤵
        
        PID:7304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        248⤵
        
        PID:7320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        249⤵
        
        PID:7336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        250⤵
        
        PID:7348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        251⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        252⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        253⤵
        System Location Discovery: System Language Discovery
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        254⤵
        
        PID:7404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        255⤵
        
        PID:7416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        256⤵
        
        PID:7432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        257⤵
        
        PID:7444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        258⤵
        
        PID:7456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        259⤵
        
        PID:7472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        260⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        261⤵
        
        PID:7500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        262⤵
        
        PID:7512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        263⤵
        
        PID:7528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        264⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        265⤵
        
        PID:7556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        266⤵
        
        PID:7568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        267⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        268⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        269⤵
        
        PID:7616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        270⤵
        
        PID:7632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        271⤵
        
        PID:7644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        272⤵
        
        PID:7660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        273⤵
        
        PID:7676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        274⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        275⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        276⤵
        
        PID:7756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        277⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        278⤵
        System Location Discovery: System Language Discovery
        
        PID:7832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        279⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        280⤵
        
        PID:7880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        281⤵
        
        PID:7916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        282⤵
        
        PID:7948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        283⤵
        
        PID:7960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        284⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        285⤵
        
        PID:7992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        286⤵
        System Location Discovery: System Language Discovery
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        287⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        288⤵
        
        PID:8052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        289⤵
        
        PID:8088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        290⤵
        System Location Discovery: System Language Discovery
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        291⤵
        
        PID:8128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        292⤵
        
        PID:8144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        293⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        294⤵
        
        PID:8176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        295⤵
        
        PID:8188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        296⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        297⤵
        
        PID:8112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        298⤵
        
        PID:8196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        299⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        300⤵
        
        PID:8224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        301⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        302⤵
        
        PID:8252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        303⤵
        
        PID:8268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        304⤵
        
        PID:8284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        305⤵
        
        PID:8296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        306⤵
        
        PID:8312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        307⤵
        
        PID:8332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        308⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        309⤵
        
        PID:8364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        310⤵
        
        PID:8380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        311⤵
        
        PID:8392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        312⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        313⤵
        
        PID:8424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        314⤵
        
        PID:8436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        315⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        316⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        317⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        318⤵
        
        PID:8508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        319⤵
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        320⤵
        
        PID:8532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        321⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        322⤵
        
        PID:8564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        323⤵
        
        PID:8576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        324⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        325⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        326⤵
        System Location Discovery: System Language Discovery
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        327⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        328⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        329⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        330⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        331⤵
        
        PID:8692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        332⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        333⤵
        
        PID:8728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        334⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        335⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        336⤵
        System Location Discovery: System Language Discovery
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        337⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        338⤵
        
        PID:8796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        339⤵
        
        PID:8808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        340⤵
        
        PID:8828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        341⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        342⤵
        
        PID:8856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        343⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        344⤵
        
        PID:8888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        345⤵
        
        PID:8904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        346⤵
        
        PID:8920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        347⤵
        System Location Discovery: System Language Discovery
        
        PID:8936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        348⤵
        
        PID:8952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        349⤵
        
        PID:8964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        350⤵
        
        PID:8980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        351⤵
        System Location Discovery: System Language Discovery
        
        PID:8996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        352⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        353⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        354⤵
        System Location Discovery: System Language Discovery
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        355⤵
        
        PID:9048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        356⤵
        
        PID:9060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        357⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        358⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        359⤵
        
        PID:9104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        360⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        361⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        362⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        363⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        364⤵
        
        PID:9192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        365⤵
        
        PID:9208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        366⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        367⤵
        
        PID:5124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        368⤵
        
        PID:2744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        369⤵
        
        PID:2664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        370⤵
        
        PID:4456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        371⤵
        
        PID:1560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        372⤵
        
        PID:9224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        373⤵
        
        PID:9240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        374⤵
        
        PID:9256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        375⤵
        
        PID:9272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        376⤵
        
        PID:9292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        377⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        378⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        379⤵
        
        PID:9332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        380⤵
        System Location Discovery: System Language Discovery
        
        PID:9348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        381⤵
        
        PID:9360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        382⤵
        System Location Discovery: System Language Discovery
        
        PID:9380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        383⤵
        
        PID:9392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        384⤵
        
        PID:9408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        385⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        386⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        387⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        388⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        389⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        390⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        391⤵
        
        PID:9512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        392⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        393⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        394⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        395⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        396⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        397⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        398⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        399⤵
        
        PID:9636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        400⤵
        
        PID:9652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        401⤵
        
        PID:9692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        402⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        403⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        404⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        405⤵
        
        PID:9764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        406⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        407⤵
        
        PID:9792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        408⤵
        
        PID:9808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        409⤵
        
        PID:9824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        410⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        411⤵
        
        PID:9860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        412⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        413⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        414⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        415⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        416⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        417⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        418⤵
        
        PID:9980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        419⤵
        
        PID:9996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        420⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        421⤵
        
        PID:10024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        422⤵
        System Location Discovery: System Language Discovery
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        423⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        424⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        425⤵
        
        PID:10088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        426⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        427⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        428⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        429⤵
        
        PID:10144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        430⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        431⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        432⤵
        
        PID:10188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        433⤵
        
        PID:10204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        434⤵
        
        PID:10216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        435⤵
        
        PID:10232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        436⤵
        
        PID:9900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        437⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        438⤵
        
        PID:10264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        439⤵
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        440⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        441⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        442⤵
        
        PID:10320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        443⤵
        
        PID:10332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        444⤵
        
        PID:10352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        445⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        446⤵
        
        PID:10380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        447⤵
        
        PID:10400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        448⤵
        
        PID:10416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        449⤵
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        450⤵
        
        PID:10444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        451⤵
        
        PID:10460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        452⤵
        
        PID:10476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        453⤵
        
        PID:10492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        454⤵
        
        PID:10504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        455⤵
        
        PID:10520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        456⤵
        
        PID:10536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        457⤵
        
        PID:10552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        458⤵
        
        PID:10564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        459⤵
        System Location Discovery: System Language Discovery
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        460⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        461⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        462⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        463⤵
        System Location Discovery: System Language Discovery
        
        PID:10632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        464⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        465⤵
        
        PID:10656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        466⤵
        
        PID:10668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        467⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        468⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        469⤵
        
        PID:10704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        470⤵
        
        PID:10720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        471⤵
        
        PID:10736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        472⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        473⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        474⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        475⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        476⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        477⤵
        
        PID:10824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        478⤵
        
        PID:10844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        479⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        480⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        481⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        482⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        483⤵
        
        PID:10920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        484⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        485⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        486⤵
        
        PID:10956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        487⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        488⤵
        System Location Discovery: System Language Discovery
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        489⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        490⤵
        
        PID:11008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        491⤵
        
        PID:11024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        492⤵
        
        PID:11040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        493⤵
        
        PID:11056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        494⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        495⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        496⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        497⤵
        
        PID:11116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        498⤵
        System Location Discovery: System Language Discovery
        
        PID:11132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        499⤵
        
        PID:11148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        500⤵
        System Location Discovery: System Language Discovery
        
        PID:11164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        501⤵
        
        PID:11180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        502⤵
        
        PID:11196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        503⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        504⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        505⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        506⤵
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        507⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        508⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        509⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        510⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        511⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        512⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        513⤵
        
        PID:11336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        514⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        515⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        516⤵
        
        PID:11380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        517⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        518⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        519⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        520⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        521⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        522⤵
        
        PID:11468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        523⤵
        
        PID:11480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        524⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        525⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        526⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        527⤵
        
        PID:11540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        528⤵
        
        PID:11552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        529⤵
        
        PID:11568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        530⤵
        
        PID:11584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        531⤵
        
        PID:11600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        532⤵
        
        PID:11612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        533⤵
        System Location Discovery: System Language Discovery
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        534⤵
        
        PID:11640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        535⤵
        
        PID:11656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        536⤵
        
        PID:11672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        537⤵
        
        PID:11688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        538⤵
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        539⤵
        
        PID:11716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        540⤵
        
        PID:11732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        541⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        542⤵
        
        PID:11760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        543⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        544⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        545⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        546⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        547⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        548⤵
        
        PID:11856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        549⤵
        
        PID:11876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        550⤵
        
        PID:11892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        551⤵
        
        PID:11908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        552⤵
        
        PID:11924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        553⤵
        
        PID:11940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        554⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        555⤵
        
        PID:11968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        556⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        557⤵
        
        PID:11996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        558⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        559⤵
        
        PID:12032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        560⤵
        
        PID:12044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        561⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        562⤵
        
        PID:12076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        563⤵
        
        PID:12092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        564⤵
        System Location Discovery: System Language Discovery
        
        PID:12104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        565⤵
        System Location Discovery: System Language Discovery
        
        PID:12120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        566⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        567⤵
        
        PID:12148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        568⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        569⤵
        
        PID:12180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        570⤵
        
        PID:12196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        571⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        572⤵
        System Location Discovery: System Language Discovery
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        573⤵
        
        PID:12244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        574⤵
        
        PID:12260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        575⤵
        System Location Discovery: System Language Discovery
        
        PID:12276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        576⤵
        
        PID:11864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        577⤵
        
        PID:12304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        578⤵
        
        PID:12320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        579⤵
        
        PID:12336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        580⤵
        System Location Discovery: System Language Discovery
        
        PID:12352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        581⤵
        
        PID:12364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        582⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        583⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        584⤵
        
        PID:12416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        585⤵
        
        PID:12428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        586⤵
        
        PID:12444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        587⤵
        
        PID:12456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        588⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        589⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        590⤵
        
        PID:12504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        591⤵
        
        PID:12520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        592⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        593⤵
        
        PID:12548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        594⤵
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        595⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        596⤵
        System Location Discovery: System Language Discovery
        
        PID:12592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        597⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        598⤵
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        599⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        600⤵
        System Location Discovery: System Language Discovery
        
        PID:12652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        601⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        602⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        603⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        604⤵
        System Location Discovery: System Language Discovery
        
        PID:12712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        605⤵
        
        PID:12728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        606⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        607⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        608⤵
        
        PID:12776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        609⤵
        
        PID:12788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        610⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        611⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        612⤵
        
        PID:12832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        613⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        614⤵
        
        PID:12860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        615⤵
        
        PID:12872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        616⤵
        System Location Discovery: System Language Discovery
        
        PID:12884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        617⤵
        
        PID:12896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        618⤵
        
        PID:12916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        619⤵
        System Location Discovery: System Language Discovery
        
        PID:12932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        620⤵
        
        PID:12948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        621⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        622⤵
        
        PID:12980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        623⤵
        
        PID:12992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        624⤵
        
        PID:13004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        625⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        626⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        627⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        628⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        629⤵
        
        PID:13076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        630⤵
        System Location Discovery: System Language Discovery
        
        PID:13092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        631⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        632⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        633⤵
        
        PID:13140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        634⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        635⤵
        
        PID:13172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        636⤵
        
        PID:13188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        637⤵
        
        PID:13204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        638⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        639⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        640⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        641⤵
        
        PID:13264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        642⤵
        
        PID:13280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        643⤵
        
        PID:13292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        644⤵
        
        PID:13308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        645⤵
        
        PID:13320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        646⤵
        
        PID:13336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        647⤵
        
        PID:13352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        648⤵
        
        PID:13368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        649⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        650⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        651⤵
        
        PID:13412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        652⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        653⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        654⤵
        
        PID:13456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        655⤵
        System Location Discovery: System Language Discovery
        
        PID:13472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        656⤵
        
        PID:13484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        657⤵
        
        PID:13504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        658⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        659⤵
        System Location Discovery: System Language Discovery
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        660⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        661⤵
        
        PID:13560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        662⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        663⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        664⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        665⤵
        
        PID:13624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        666⤵
        
        PID:13640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        667⤵
        
        PID:13656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        668⤵
        System Location Discovery: System Language Discovery
        
        PID:13672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        669⤵
        
        PID:13688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        670⤵
        
        PID:13704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        671⤵
        
        PID:13720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        672⤵
        
        PID:13732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        673⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        674⤵
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        675⤵
        
        PID:13776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        676⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        677⤵
        
        PID:13800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        678⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        679⤵
        
        PID:13840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        680⤵
        
        PID:13852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        681⤵
        
        PID:13868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        682⤵
        
        PID:13884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        683⤵
        System Location Discovery: System Language Discovery
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        684⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        685⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        686⤵
        
        PID:13940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        687⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        688⤵
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        689⤵
        
        PID:14008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        690⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        691⤵
        
        PID:14052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        692⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        693⤵
        System Location Discovery: System Language Discovery
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        694⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        695⤵
        
        PID:14156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        696⤵
        System Location Discovery: System Language Discovery
        
        PID:14176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        697⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        698⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        699⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        700⤵
        
        PID:14248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        701⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        702⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        703⤵
        
        PID:14296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        704⤵
        
        PID:14316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        705⤵
        System Location Discovery: System Language Discovery
        
        PID:14332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        706⤵
        
        PID:2796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        707⤵
        
        PID:1720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        708⤵
        
        PID:468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        709⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        710⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        711⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        712⤵
        
        PID:14356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        713⤵
        
        PID:14368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        714⤵
        
        PID:14380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        715⤵
        System Location Discovery: System Language Discovery
        
        PID:14400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        716⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        717⤵
        
        PID:14428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        718⤵
        
        PID:14444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        719⤵
        
        PID:14460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        720⤵
        
        PID:14476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        721⤵
        
        PID:14492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        722⤵
        
        PID:14508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        723⤵
        
        PID:14524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        724⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        725⤵
        
        PID:14556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        726⤵
        
        PID:14568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        727⤵
        System Location Discovery: System Language Discovery
        
        PID:14588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        728⤵
        
        PID:14600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        729⤵
        System Location Discovery: System Language Discovery
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        730⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        731⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        732⤵
        
        PID:14660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        733⤵
        
        PID:14672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        734⤵
        System Location Discovery: System Language Discovery
        
        PID:14688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        735⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        736⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        737⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        738⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        739⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        740⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        741⤵
        
        PID:14800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        742⤵
        
        PID:14816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        743⤵
        
        PID:14832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        744⤵
        
        PID:14848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        745⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        746⤵
        System Location Discovery: System Language Discovery
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        747⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        748⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        749⤵
        
        PID:14932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        750⤵
        
        PID:14948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        751⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        752⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        753⤵
        System Location Discovery: System Language Discovery
        
        PID:14992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        754⤵
        
        PID:15008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        755⤵
        
        PID:15024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        756⤵
        
        PID:15040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        757⤵
        
        PID:15056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        758⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        759⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        760⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        761⤵
        
        PID:15112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        762⤵
        
        PID:15148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        763⤵
        
        PID:15184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        764⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        765⤵
        System Location Discovery: System Language Discovery
        
        PID:15224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        766⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        767⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        768⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        769⤵
        System Location Discovery: System Language Discovery
        
        PID:15296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        770⤵
        
        PID:15312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        771⤵
        
        PID:15328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        772⤵
        
        PID:15344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        773⤵
        
        PID:15356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        774⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        775⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        776⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        777⤵
        
        PID:14256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        778⤵
        
        PID:15364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        779⤵
        
        PID:15380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        780⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        781⤵
        
        PID:15412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        782⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        783⤵
        System Location Discovery: System Language Discovery
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        784⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        785⤵
        
        PID:15476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        786⤵
        
        PID:15492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        787⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        788⤵
        
        PID:15524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        789⤵
        
        PID:15540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        790⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        791⤵
        
        PID:15572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        792⤵
        
        PID:15588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        793⤵
        
        PID:15604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        794⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        795⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        796⤵
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        797⤵
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        798⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        799⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        800⤵
        
        PID:15712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        801⤵
        
        PID:15736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        802⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        803⤵
        
        PID:15768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        804⤵
        
        PID:15784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        805⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        806⤵
        
        PID:15816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        807⤵
        
        PID:15832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        808⤵
        
        PID:15848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        809⤵
        
        PID:15864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        810⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        811⤵
        System Location Discovery: System Language Discovery
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        812⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        813⤵
        
        PID:15920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        814⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        815⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        816⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        817⤵
        
        PID:15984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        818⤵
        
        PID:15996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        819⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        820⤵
        
        PID:16024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        821⤵
        
        PID:16036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        822⤵
        
        PID:16052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        823⤵
        
        PID:16064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        824⤵
        
        PID:16080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        825⤵
        
        PID:16100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        826⤵
        
        PID:16112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        827⤵
        System Location Discovery: System Language Discovery
        
        PID:16132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        828⤵
        
        PID:16148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        829⤵
        
        PID:16164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        830⤵
        
        PID:16180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        831⤵
        
        PID:16196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        832⤵
        
        PID:16212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        833⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        834⤵
        
        PID:16236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        835⤵
        
        PID:16252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        836⤵
        
        PID:16268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        837⤵
        
        PID:16280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        838⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        839⤵
        System Location Discovery: System Language Discovery
        
        PID:16308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        840⤵
        
        PID:16328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        841⤵
        
        PID:16344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        842⤵
        
        PID:16360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        843⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        844⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        845⤵
        
        PID:4604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        846⤵
        
        PID:4984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        847⤵
        
        PID:3372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        848⤵
        
        PID:1356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        849⤵
        
        PID:1080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        850⤵
        
        PID:3920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        851⤵
        
        PID:4952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        852⤵
        System Location Discovery: System Language Discovery
        
        PID:1804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        853⤵
        
        PID:348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        854⤵
        
        PID:776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        855⤵
        
        PID:2756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        856⤵
        
        PID:5000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        857⤵
        
        PID:3560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        858⤵
        
        PID:3112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        859⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        860⤵
        
        PID:2052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        861⤵
        
        PID:648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        862⤵
        System Location Discovery: System Language Discovery
        
        PID:2292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        863⤵
        
        PID:840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        864⤵
        
        PID:3524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        865⤵
        
        PID:1124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        866⤵
        
        PID:4540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        867⤵
        
        PID:16404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        868⤵
        
        PID:16416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        869⤵
        
        PID:16436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        870⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        871⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        872⤵
        
        PID:16476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        873⤵
        
        PID:16492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        874⤵
        
        PID:16508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        875⤵
        
        PID:16520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        876⤵
        
        PID:16536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        877⤵
        
        PID:16548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        878⤵
        
        PID:16564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        879⤵
        
        PID:16580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        880⤵
        
        PID:16596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe "C:\Users\Admin\AppData\Local\Temp\hmc hotmail.4\H\System.Windows.Controls.Ribbon.dll",#1
        881⤵
        
        PID:16612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads