xtremerat | ba7d960521c3c9a912e49973443180266fadfc366ca3aa0b5211e0673cb976aa

Analysis

max time kernel
150s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
02-02-2025 00:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Size

196KB
MD5

773da871b8296896ffccb40b5c9bd6fc
SHA1

0060f821272f2d8baa30a91e13dabc4bf72d3289
SHA256

ba7d960521c3c9a912e49973443180266fadfc366ca3aa0b5211e0673cb976aa
SHA512

7f8f2d51b0ac63b1d63110996499ddc8df0b3600033822b70e52599525c74e5bc9815de9035c1d990a9764f1a1e9e880f014ce6ae7a32e94a26cec080242e20c
SSDEEP

3072:X/oqgU0ATDs5uHBRI04GIrA+adNbZzXF8v:XwqgU0AsUoPGljXRI

Score

10^/10

xtremerat bootkit discovery persistence rat spyware

Malware Config

Signatures

Detect XtremeRAT payload 4 IoCs

resource	yara_rule
behavioral2/memory/4896-7-0x0000000000C80000-0x0000000000C92000-memory.dmp	family_xtremerat
behavioral2/memory/4896-8-0x0000000000C80000-0x0000000000C92000-memory.dmp	family_xtremerat
behavioral2/memory/4896-9-0x0000000000C80000-0x0000000000C92000-memory.dmp	family_xtremerat
behavioral2/memory/976-16-0x0000000000C80000-0x0000000000C92000-memory.dmp	family_xtremerat

XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
persistence spyware rat xtremerat
Xtremerat family
xtremerat

Boot or Logon Autostart Execution: Active Setup 2 TTPs 22 IoCs

Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

persistence

Active Setup

T1547.014

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	svchost.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	svchost.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}\StubPath = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe restart"	hub.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{76055I7P-10JC-TL3A-WQ11-87M7504C1617}	hub.exe

Checks computer location settings 2 TTPs 7 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	hub.exe

Executes dropped EXE 30 IoCs

pid	Process
2732	hub.exe
4036	hub.exe
2784	hub.exe
4480	hub.exe
1496	hub.exe
4752	hub.exe
4788	hub.exe
4440	hub.exe
3488	hub.exe
3328	hub.exe
448	hub.exe
4004	hub.exe
1796	hub.exe
2728	hub.exe
2368	hub.exe
4804	hub.exe
2204	hub.exe
3340	hub.exe
2944	hub.exe
4324	hub.exe
2448	hub.exe
4828	hub.exe
2632	hub.exe
4168	hub.exe
2772	hub.exe
4288	hub.exe
4548	hub.exe
4936	hub.exe
4320	hub.exe
1036	hub.exe

Adds Run key to start application 2 TTPs 11 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	svchost.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\HKLM = "C:\\Users\\Admin\\AppData\\Local\\Temp\\InstallDir\\hub.exe"	hub.exe

Writes to the Master Boot Record (MBR) 1 TTPs 10 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe
File opened for modification	\??\PhysicalDrive0	hub.exe

Suspicious use of SetThreadContext 20 IoCs

description	pid	Process	procid_target
PID 4384 set thread context of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 1828 set thread context of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 2732 set thread context of 4036	2732	hub.exe	94
PID 4036 set thread context of 2784	4036	hub.exe	95
PID 4480 set thread context of 4752	4480	hub.exe	106
PID 4752 set thread context of 4788	4752	hub.exe	107
PID 1496 set thread context of 3488	1496	hub.exe	116
PID 3488 set thread context of 3328	3488	hub.exe	117
PID 4440 set thread context of 448	4440	hub.exe	121
PID 448 set thread context of 4004	448	hub.exe	122
PID 1796 set thread context of 2368	1796	hub.exe	140
PID 2368 set thread context of 4804	2368	hub.exe	141
PID 2728 set thread context of 2204	2728	hub.exe	142
PID 2204 set thread context of 2944	2204	hub.exe	144
PID 3340 set thread context of 4828	3340	hub.exe	164
PID 4828 set thread context of 2632	4828	hub.exe	484
PID 4324 set thread context of 2772	4324	hub.exe	168
PID 2448 set thread context of 4548	2448	hub.exe	169
PID 2772 set thread context of 4288	2772	hub.exe	170
PID 4548 set thread context of 4936	4548	hub.exe	171

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 34 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	svchost.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hub.exe

Modifies registry class 8 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	svchost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	hub.exe

Suspicious use of SetWindowsHookEx 23 IoCs

pid	Process
4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
2732	hub.exe
4036	hub.exe
4480	hub.exe
1496	hub.exe
4752	hub.exe
4440	hub.exe
3488	hub.exe
448	hub.exe
1796	hub.exe
2728	hub.exe
2368	hub.exe
2204	hub.exe
3340	hub.exe
4324	hub.exe
2448	hub.exe
4828	hub.exe
4168	hub.exe
2772	hub.exe
4548	hub.exe
4320	hub.exe
1036	hub.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 4384 wrote to memory of 1828	4384	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	82
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 1828 wrote to memory of 4896	1828	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	83
PID 4896 wrote to memory of 976	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	84
PID 4896 wrote to memory of 976	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	84
PID 4896 wrote to memory of 976	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	84
PID 4896 wrote to memory of 976	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	84
PID 4896 wrote to memory of 1476	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	85
PID 4896 wrote to memory of 1476	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	85
PID 4896 wrote to memory of 1476	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	85
PID 4896 wrote to memory of 1908	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	86
PID 4896 wrote to memory of 1908	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	86
PID 4896 wrote to memory of 1908	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	86
PID 4896 wrote to memory of 3960	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	87
PID 4896 wrote to memory of 3960	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	87
PID 4896 wrote to memory of 3960	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	87
PID 4896 wrote to memory of 764	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	88
PID 4896 wrote to memory of 764	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	88
PID 4896 wrote to memory of 764	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	88
PID 4896 wrote to memory of 3868	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	89
PID 4896 wrote to memory of 3868	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	89
PID 4896 wrote to memory of 3868	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	89
PID 4896 wrote to memory of 4928	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	90
PID 4896 wrote to memory of 4928	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	90
PID 4896 wrote to memory of 4928	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	90
PID 4896 wrote to memory of 1448	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	91
PID 4896 wrote to memory of 1448	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	91
PID 4896 wrote to memory of 1448	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	91
PID 4896 wrote to memory of 4692	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	92
PID 4896 wrote to memory of 4692	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	92
PID 4896 wrote to memory of 2732	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	93
PID 4896 wrote to memory of 2732	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	93
PID 4896 wrote to memory of 2732	4896	JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe	93
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 2732 wrote to memory of 4036	2732	hub.exe	94
PID 4036 wrote to memory of 2784	4036	hub.exe	95
PID 4036 wrote to memory of 2784	4036	hub.exe	95
PID 4036 wrote to memory of 2784	4036	hub.exe	95
PID 4036 wrote to memory of 2784	4036	hub.exe	95
PID 4036 wrote to memory of 2784	4036	hub.exe	95

C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe"
1⤵
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4384
- C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
  "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe"
  2⤵
  - Writes to the Master Boot Record (MBR)
  - Suspicious use of SetThreadContext
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1828
- - C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_773da871b8296896ffccb40b5c9bd6fc.exe"
    3⤵
    - Boot or Logon Autostart Execution: Active Setup
    - Checks computer location settings
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Modifies registry class
    - Suspicious use of WriteProcessMemory
    PID:4896
  - - C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      4⤵
      Boot or Logon Autostart Execution: Active Setup
      Adds Run key to start application
      System Location Discovery: System Language Discovery
      Modifies registry class
      PID:976
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4480
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:4788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2872
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4568
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3372
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3028
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4432
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:4804
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2592
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4296
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4764
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3032
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1240
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2620
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3672
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:1036
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:4388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3944
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:2704
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:2796
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4672
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:2088
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4776
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:1276
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:2324
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:716
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:3888
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:3036
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:4940
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:1212
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:860
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:3964
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:5444
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:5268
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5836
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5928
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6060
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:2940
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5360
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5148
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:5992
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:6680
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:6816
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6932
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7012
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7096
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6292
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:4956
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:2916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6556
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6808
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:5200
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        24⤵
        
        PID:7864
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        25⤵
        
        PID:8128
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:7320
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:6828
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:6540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:6592
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:7512
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:5428
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:7160
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:7960
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        26⤵
        
        PID:8484
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        27⤵
        
        PID:7900
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        28⤵
        
        PID:8228
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9312
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9548
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:10024
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:8232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:8456
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:8788
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        29⤵
        
        PID:9584
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4440
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:448
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:4004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4292
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2240
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2344
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3436
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3408
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        Boot or Logon Autostart Execution: Active Setup
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        
        PID:4936
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1484
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1264
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3688
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2256
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4484
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1596
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:3964
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1776
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3700
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5024
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:2068
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4592
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3616
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:544
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:5212
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:5304
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5436
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5552
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5620
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5676
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5800
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5848
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5956
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:5204
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:5224
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:5324
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:4532
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5876
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:2780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5240
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:2632
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6000
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6164
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6256
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:6792
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:1056
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:6300
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6472
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6792
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6512
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6784
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6928
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6368
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7384
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:7956
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        24⤵
        
        PID:7580
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        25⤵
        
        PID:7904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:7992
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8336
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8460
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8620
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8704
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8996
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:8064
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        26⤵
        
        PID:7756
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        27⤵
        
        PID:9408
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        28⤵
        
        PID:9208
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:10080
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:8292
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:3712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9276
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:9380
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:10248
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:10516
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        29⤵
        
        PID:10788
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        29⤵
        
        PID:10480
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2728
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:2944
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4340
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3512
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2244
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5068
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1132
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4964
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:684
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:1884
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:400
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:996
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5016
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1680
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3084
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2960
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:4240
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:5004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:2104
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4564
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4556
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1368
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:5388
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:4768
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5492
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5700
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5816
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:972
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5952
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6104
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5336
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5580
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:6360
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:6500
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6640
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6992
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7052
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:416
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6048
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6436
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6516
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:7088
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:7532
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:7628
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7808
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8036
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8188
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7312
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:5020
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:5808
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:6700
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7452
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:8152
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        24⤵
        
        PID:7496
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        25⤵
        
        PID:9020
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:1128
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:5448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9196
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9260
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9508
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:9940
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        26⤵
        
        PID:7560
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        27⤵
        
        PID:7916
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4324
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        Boot or Logon Autostart Execution: Active Setup
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        
        PID:4288
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1052
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1720
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3884
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4248
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4980
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5072
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4812
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:4716
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:1752
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1964
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4652
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4264
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2356
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:5160
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:5236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5380
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4168
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:4788
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:4940
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4308
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5112
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3400
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4324
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4272
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3268
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:2632
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3348
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3772
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4740
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:2132
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:556
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:760
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:5132
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:5168
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5340
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5596
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5764
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4560
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4456
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5496
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:6336
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:6388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6564
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6732
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6968
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7020
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7104
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5296
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6152
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6272
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:7064
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:7372
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:7456
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7596
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7744
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8008
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7280
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7088
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6900
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:5992
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:7228
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:8404
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:7396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8960
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8444
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8016
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8556
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:9388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:9532
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:9704
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:6832
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        24⤵
        
        PID:10836
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        25⤵
        
        PID:11000
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:11116
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:11260
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        26⤵
        
        PID:10308
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:1348
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:2580
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3116
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4228
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3992
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3252
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4212
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2040
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:4356
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:1876
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4040
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5348
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5516
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5604
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5636
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5732
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5820
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5856
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:6076
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:6012
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:5588
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5664
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:3440
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6052
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4012
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5524
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:4356
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5692
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:6424
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:6304
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:6684
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6344
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:4380
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6332
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6776
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6476
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7240
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:7696
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:7224
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:7352
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7000
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7708
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8356
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8568
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8668
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8836
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9156
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:8884
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:10048
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:8432
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7592
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:7420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:9660
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:9488
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:10188
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:8484
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:10316
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        23⤵
        
        PID:10608
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:9904
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:1212
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:3472
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3112
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4428
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:912
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:856
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2808
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4188
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:5948
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:6004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6108
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5164
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3184
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5668
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:776
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5944
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:6224
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:6328
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6688
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6952
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7036
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7164
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6320
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6376
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:6132
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:7752
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:7916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8144
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7092
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7348
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:6296
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8056
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7528
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:8228
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:8872
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:7956
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8560
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9736
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9892
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:7316
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9912
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9296
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:5316
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:1348
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:512
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2988
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3272
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4524
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5480
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5572
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5628
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5684
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:5876
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:5448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5884
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:3104
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6080
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6120
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4320
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:208
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5644
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5500
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:6296
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:6356
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:5020
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6812
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7120
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5784
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6596
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6576
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6096
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6864
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6696
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:7520
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:8168
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:7220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:5400
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7892
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7972
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8284
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8576
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8676
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8844
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:8472
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:9924
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:10084
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9764
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8912
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:9592
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:184
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8272
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:4112
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:10452
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:10280
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:1360
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:5656
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:5704
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5768
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5828
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5868
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5936
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6028
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6136
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2444
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:5332
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:4172
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5756
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:1160
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6708
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6940
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7028
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:6352
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:5984
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:6788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6088
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7336
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7500
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7672
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7944
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8104
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6340
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7064
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:6768
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:8776
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:8928
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9148
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8332
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7800
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8892
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7380
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7868
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8968
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9240
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:9816
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:8488
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:10392
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:10684
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:10904
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:11180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:6184
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        20⤵
        
        PID:8072
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:5580
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:5144
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4908
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2080
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5740
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5964
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5900
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5264
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:6632
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:6760
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6872
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7044
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6252
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6348
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6380
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6412
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6756
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:6900
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:7684
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:7792
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8112
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7464
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7392
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7980
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6444
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:7316
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:5192
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:6612
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7792
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:8944
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9224
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9428
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9596
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9720
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9868
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10008
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:9004
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:10364
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:10564
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:6084
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:3528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5284
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4756
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6124
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5488
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4656
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4768
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:6572
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:6676
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:4528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4996
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6728
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6392
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7132
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6636
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:5708
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6840
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:7604
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:7140
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:6620
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:6788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7796
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8264
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8372
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8532
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8640
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8796
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9068
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:7344
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:10228
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:9528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10100
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:7492
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10184
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:9500
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10484
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10692
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10924
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:9960
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:5504
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:5116
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:6016
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5140
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6156
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6240
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6404
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6844
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7068
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:6468
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:6428
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:7160
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7260
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7400
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7996
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8156
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7252
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6264
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:1128
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:8820
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:8972
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9132
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8380
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7692
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9108
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8048
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7680
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:8492
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:9756
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:10256
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:10384
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10544
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10740
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:11008
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:11232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        17⤵
        
        PID:10288
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:5256
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7060
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:7124
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5460
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:3060
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6536
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6480
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6316
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6276
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:4796
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6456
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:6524
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:6896
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:6724
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6684
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7912
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7740
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7824
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6704
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8204
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8348
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:8712
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:9444
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:9668
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9800
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9932
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10204
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9128
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7804
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10020
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9364
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9144
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:10572
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:6772
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:5260
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:6024
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:2576
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6580
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6672
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6852
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6228
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7292
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7424
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7612
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:5192
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:8248
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:8384
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8524
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8632
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8752
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9040
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:4876
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7968
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9032
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:9380
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:8972
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:9120
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:7276
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10492
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10700
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10932
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:11208
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:5540
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:6584
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7188
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:7284
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7472
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7936
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8096
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7196
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6248
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7660
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:5324
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:7804
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:9200
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:7916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8588
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8600
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:6524
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8864
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8276
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9268
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9516
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:9956
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        
        PID:10460
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:10760
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:10960
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:11252
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        14⤵
        
        PID:9480
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:6488
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7192
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:7492
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7776
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7924
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:6960
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8120
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8196
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8320
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:8784
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:9356
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:9480
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9772
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:10056
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9888
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9456
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9700
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8296
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:10416
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:7852
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7608
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:7216
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7820
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8308
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8608
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8696
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8936
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8132
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:9036
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:8828
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:5292
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9300
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:8792
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9988
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9192
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9372
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:7872
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:10508
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:10732
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        
        PID:9756
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:8020
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:8768
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:8920
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9096
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8300
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8476
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8868
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8076
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8092
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7156
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7488
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:9828
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        
        PID:10556
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        
        PID:10772
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:11076
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9348
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        11⤵
        
        PID:9788
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:8480
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7760
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:8484
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9320
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9568
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9860
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9976
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10192
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8932
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8564
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:9384
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:8904
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:10016
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:10108
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9636
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9992
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8052
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10180
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9452
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:7584
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:8712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10324
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        
        PID:11188
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:9500
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:7772
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:9496
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10368
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10884
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:11092
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:1012
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:9744
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:9476
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        
        PID:11084
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        
        PID:11172
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        8⤵
        
        PID:10412
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        
        PID:10300
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:1476
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:1908
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:3960
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:764
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:3868
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:4928
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:1448
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
      4⤵
      PID:4692
  - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
      "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of SetThreadContext
      System Location Discovery: System Language Discovery
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2732
    - - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        5⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        Suspicious use of WriteProcessMemory
        
        PID:4036
      - C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        6⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:2784
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:2216
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:1256
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:1412
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:2164
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:1064
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:2004
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:4984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        7⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        8⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        9⤵
        Boot or Logon Autostart Execution: Active Setup
        Checks computer location settings
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:3328
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:1984
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:4712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:2200
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:436
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:3524
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:2860
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:2856
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        10⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        11⤵
        Executes dropped EXE
        Writes to the Master Boot Record (MBR)
        Suspicious use of SetThreadContext
        System Location Discovery: System Language Discovery
        Suspicious use of SetWindowsHookEx
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        12⤵
        Boot or Logon Autostart Execution: Active Setup
        Executes dropped EXE
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        
        PID:2632
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:2108
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:4480
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:1644
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:5028
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:1496
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:808
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:4440
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        13⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        13⤵
        
        PID:4004
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        14⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        15⤵
        
        PID:1712
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:1036
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:4256
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:1444
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:4136
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:4336
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:1564
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        16⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        16⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        17⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        18⤵
        
        PID:5248
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5544
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5612
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5792
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5840
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5888
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        19⤵
        
        PID:5968
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        19⤵
        
        PID:5376
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        20⤵
        
        PID:5188
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        21⤵
        
        PID:4852
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:5236
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:5156
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:6128
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:5232
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:5788
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:4724
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:4132
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        22⤵
        
        PID:6196
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        22⤵
        
        PID:6696
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        23⤵
        
        PID:5176
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        24⤵
        
        PID:7000
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6804
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:1164
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6656
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6824
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6752
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:6352
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        25⤵
        
        PID:7300
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        25⤵
        
        PID:7836
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        26⤵
        
        PID:7640
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        27⤵
        
        PID:7780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:6388
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:7836
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:8256
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:8364
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:8540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:8648
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:8760
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        28⤵
        
        PID:9060
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        28⤵
        
        PID:9140
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        29⤵
        
        PID:10236
        
        C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe
        
        "C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe"
        30⤵
        
        PID:8928
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:7396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:9008
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:10092
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:9644
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:10444
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:10716
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:10940
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
        31⤵
        
        PID:11216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Registry Run Keys / Startup Folder

T1547.001

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\InstallDir\hub.exe

Filesize
196KB

MD5
773da871b8296896ffccb40b5c9bd6fc

SHA1
0060f821272f2d8baa30a91e13dabc4bf72d3289

SHA256
ba7d960521c3c9a912e49973443180266fadfc366ca3aa0b5211e0673cb976aa

SHA512
7f8f2d51b0ac63b1d63110996499ddc8df0b3600033822b70e52599525c74e5bc9815de9035c1d990a9764f1a1e9e880f014ce6ae7a32e94a26cec080242e20c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\nhk7zhmn.cfg

Filesize
1KB

MD5
9e0b41b27b0acdbe7301109e6e678001

SHA1
2851d407bb5c707c32115d18e9f15665e5c36c92

SHA256
ce4e87ac27537b6eb44f883197d60cb8ac35810e70245bd08e710b09ef47bbc6

SHA512
c45158eedb468da552635173cb3f7e08419786219f73b3f9f798804327088c484b2bb0d3da10c9f6719621b2fc69299539263788961b0a20a03a61a092625652

Download Submit
memory/448-80-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/976-16-0x0000000000C80000-0x0000000000C92000-memory.dmp

Filesize
72KB

Download
memory/976-17-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1828-2-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/1828-22-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/1828-4-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/2204-110-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/2368-99-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/2772-157-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/3488-127-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4036-33-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4548-162-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4752-52-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4828-136-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4896-10-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/4896-9-0x0000000000C80000-0x0000000000C92000-memory.dmp

Filesize
72KB

Download
memory/4896-8-0x0000000000C80000-0x0000000000C92000-memory.dmp

Filesize
72KB

Download
memory/4896-7-0x0000000000C80000-0x0000000000C92000-memory.dmp

Filesize
72KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads