xworm | ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa

Analysis

max time kernel
900s
max time network
898s
platform
windows11-21h2_x64
resource
win11-20250217-en
resource tags

arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
submitted
07/03/2025, 09:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Algorithm_Converter_Arab-you.exe
Size

497KB
MD5

7e01e34e779c50de84cc3e4321d68b6f
SHA1

31ec2e0168867753e0c649dbaeb92aaafb22f6d3
SHA256

ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa
SHA512

af9f51af435f41b9578c72f163d43abb3edd5bfb27fd7b0e4f83799f0df62bf5a9d8e813bf2aab2fc85414ac3f2997400ac5d833d6c77803c568ba954b6c6414
SSDEEP

12288:fGMnkN1TDTvX7ym4vw+8ixjvVem7kC+8:XG1TDTvLVkrMm

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

Version

3.0

3skr.uncofig.com:9999

Mutex

f5nPSEGIk3s9ZJvj

Attributes

Install_directory
%AppData%
install_file
USB.exe
telegram
https://api.telegram.org/bot7942324376:AAFz5Z-GdKIj1CePZyqIUmvNWOymMRw8Lmk/sendMessage?chat_id=2078478344

aes.plain

Signatures

Detect Xworm Payload 2 IoCs

resource	yara_rule
behavioral1/files/0x000200000002a38c-7.dat	family_xworm
behavioral1/memory/1252-19-0x0000000000030000-0x0000000000040000-memory.dmp	family_xworm

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm
Xworm family
xworm

Executes dropped EXE 64 IoCs

pid	Process
1252	sat.exe
4884	Algorithm_Converter_Arab-you.exe
3064	sat.exe
1836	Algorithm_Converter_Arab-you.exe
1684	sat.exe
1376	Algorithm_Converter_Arab-you.exe
2788	sat.exe
3176	Algorithm_Converter_Arab-you.exe
1808	sat.exe
1212	Algorithm_Converter_Arab-you.exe
4652	sat.exe
3604	Algorithm_Converter_Arab-you.exe
2552	sat.exe
1972	Algorithm_Converter_Arab-you.exe
2400	sat.exe
5020	Algorithm_Converter_Arab-you.exe
876	sat.exe
1068	Algorithm_Converter_Arab-you.exe
1112	sat.exe
2724	Algorithm_Converter_Arab-you.exe
4880	sat.exe
5080	Algorithm_Converter_Arab-you.exe
2760	sat.exe
4316	Algorithm_Converter_Arab-you.exe
3976	sat.exe
2644	Algorithm_Converter_Arab-you.exe
768	sat.exe
4520	Algorithm_Converter_Arab-you.exe
1312	sat.exe
1908	Algorithm_Converter_Arab-you.exe
1300	sat.exe
2128	Algorithm_Converter_Arab-you.exe
5032	sat.exe
1992	Algorithm_Converter_Arab-you.exe
4404	sat.exe
2076	Algorithm_Converter_Arab-you.exe
2868	sat.exe
1700	Algorithm_Converter_Arab-you.exe
2832	sat.exe
2768	Algorithm_Converter_Arab-you.exe
4628	sat.exe
860	Algorithm_Converter_Arab-you.exe
3016	sat.exe
4844	Algorithm_Converter_Arab-you.exe
2920	sat.exe
1712	Algorithm_Converter_Arab-you.exe
1952	sat.exe
3136	Algorithm_Converter_Arab-you.exe
3276	sat.exe
1808	Algorithm_Converter_Arab-you.exe
2088	sat.exe
2028	Algorithm_Converter_Arab-you.exe
1344	sat.exe
3592	Algorithm_Converter_Arab-you.exe
4276	sat.exe
2532	Algorithm_Converter_Arab-you.exe
2124	sat.exe
336	Algorithm_Converter_Arab-you.exe
4524	sat.exe
72	Algorithm_Converter_Arab-you.exe
4688	sat.exe
2388	Algorithm_Converter_Arab-you.exe
488	sat.exe
3280	Algorithm_Converter_Arab-you.exe

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
1	ip-api.com
3	ip-api.com

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1252	sat.exe
Token: SeDebugPrivilege	3064	sat.exe
Token: SeDebugPrivilege	1684	sat.exe
Token: SeDebugPrivilege	2788	sat.exe
Token: SeDebugPrivilege	1808	sat.exe
Token: SeDebugPrivilege	4652	sat.exe
Token: SeDebugPrivilege	2552	sat.exe
Token: SeDebugPrivilege	2400	sat.exe
Token: SeDebugPrivilege	876	sat.exe
Token: SeDebugPrivilege	1112	sat.exe
Token: SeDebugPrivilege	4880	sat.exe
Token: SeDebugPrivilege	2760	sat.exe
Token: SeDebugPrivilege	3976	sat.exe
Token: SeDebugPrivilege	768	sat.exe
Token: SeDebugPrivilege	1312	sat.exe
Token: SeDebugPrivilege	1300	sat.exe
Token: SeDebugPrivilege	5032	sat.exe
Token: SeDebugPrivilege	4404	sat.exe
Token: SeDebugPrivilege	2868	sat.exe
Token: SeDebugPrivilege	2832	sat.exe
Token: SeDebugPrivilege	4628	sat.exe
Token: SeDebugPrivilege	3016	sat.exe
Token: SeDebugPrivilege	2920	sat.exe
Token: SeDebugPrivilege	1952	sat.exe
Token: SeDebugPrivilege	3276	sat.exe
Token: SeDebugPrivilege	2088	sat.exe
Token: SeDebugPrivilege	1344	sat.exe
Token: SeDebugPrivilege	4276	sat.exe
Token: SeDebugPrivilege	2124	sat.exe
Token: SeDebugPrivilege	4524	sat.exe
Token: SeDebugPrivilege	4688	sat.exe
Token: SeDebugPrivilege	488	sat.exe
Token: SeDebugPrivilege	1592	sat.exe
Token: SeDebugPrivilege	1936	sat.exe
Token: SeDebugPrivilege	4116	sat.exe
Token: SeDebugPrivilege	1644	sat.exe
Token: SeDebugPrivilege	4940	sat.exe
Token: SeDebugPrivilege	1312	sat.exe
Token: SeDebugPrivilege	3144	sat.exe
Token: SeDebugPrivilege	1104	sat.exe
Token: SeDebugPrivilege	2300	sat.exe
Token: SeDebugPrivilege	2116	sat.exe
Token: SeDebugPrivilege	3420	sat.exe
Token: SeDebugPrivilege	3708	sat.exe
Token: SeDebugPrivilege	3624	sat.exe
Token: SeDebugPrivilege	1972	sat.exe
Token: SeDebugPrivilege	1676	sat.exe
Token: SeDebugPrivilege	236	sat.exe
Token: SeDebugPrivilege	1048	sat.exe
Token: SeDebugPrivilege	3284	sat.exe
Token: SeDebugPrivilege	3464	sat.exe
Token: SeDebugPrivilege	4484	sat.exe
Token: SeDebugPrivilege	4160	sat.exe
Token: SeDebugPrivilege	3296	sat.exe
Token: SeDebugPrivilege	460	sat.exe
Token: SeDebugPrivilege	4272	sat.exe
Token: SeDebugPrivilege	1012	sat.exe
Token: SeDebugPrivilege	4552	sat.exe
Token: SeDebugPrivilege	1956	sat.exe
Token: SeDebugPrivilege	1432	sat.exe
Token: SeDebugPrivilege	4816	sat.exe
Token: SeDebugPrivilege	3316	sat.exe
Token: SeDebugPrivilege	4556	sat.exe
Token: SeDebugPrivilege	1332	sat.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2052 wrote to memory of 1252	2052	Algorithm_Converter_Arab-you.exe	82
PID 2052 wrote to memory of 1252	2052	Algorithm_Converter_Arab-you.exe	82
PID 2052 wrote to memory of 4884	2052	Algorithm_Converter_Arab-you.exe	83
PID 2052 wrote to memory of 4884	2052	Algorithm_Converter_Arab-you.exe	83
PID 4884 wrote to memory of 3064	4884	Algorithm_Converter_Arab-you.exe	84
PID 4884 wrote to memory of 3064	4884	Algorithm_Converter_Arab-you.exe	84
PID 4884 wrote to memory of 1836	4884	Algorithm_Converter_Arab-you.exe	85
PID 4884 wrote to memory of 1836	4884	Algorithm_Converter_Arab-you.exe	85
PID 1836 wrote to memory of 1684	1836	Algorithm_Converter_Arab-you.exe	90
PID 1836 wrote to memory of 1684	1836	Algorithm_Converter_Arab-you.exe	90
PID 1836 wrote to memory of 1376	1836	Algorithm_Converter_Arab-you.exe	91
PID 1836 wrote to memory of 1376	1836	Algorithm_Converter_Arab-you.exe	91
PID 1376 wrote to memory of 2788	1376	Algorithm_Converter_Arab-you.exe	94
PID 1376 wrote to memory of 2788	1376	Algorithm_Converter_Arab-you.exe	94
PID 1376 wrote to memory of 3176	1376	Algorithm_Converter_Arab-you.exe	95
PID 1376 wrote to memory of 3176	1376	Algorithm_Converter_Arab-you.exe	95
PID 3176 wrote to memory of 1808	3176	Algorithm_Converter_Arab-you.exe	98
PID 3176 wrote to memory of 1808	3176	Algorithm_Converter_Arab-you.exe	98
PID 3176 wrote to memory of 1212	3176	Algorithm_Converter_Arab-you.exe	99
PID 3176 wrote to memory of 1212	3176	Algorithm_Converter_Arab-you.exe	99
PID 1212 wrote to memory of 4652	1212	Algorithm_Converter_Arab-you.exe	102
PID 1212 wrote to memory of 4652	1212	Algorithm_Converter_Arab-you.exe	102
PID 1212 wrote to memory of 3604	1212	Algorithm_Converter_Arab-you.exe	103
PID 1212 wrote to memory of 3604	1212	Algorithm_Converter_Arab-you.exe	103
PID 3604 wrote to memory of 2552	3604	Algorithm_Converter_Arab-you.exe	106
PID 3604 wrote to memory of 2552	3604	Algorithm_Converter_Arab-you.exe	106
PID 3604 wrote to memory of 1972	3604	Algorithm_Converter_Arab-you.exe	107
PID 3604 wrote to memory of 1972	3604	Algorithm_Converter_Arab-you.exe	107
PID 1972 wrote to memory of 2400	1972	Algorithm_Converter_Arab-you.exe	110
PID 1972 wrote to memory of 2400	1972	Algorithm_Converter_Arab-you.exe	110
PID 1972 wrote to memory of 5020	1972	Algorithm_Converter_Arab-you.exe	111
PID 1972 wrote to memory of 5020	1972	Algorithm_Converter_Arab-you.exe	111
PID 5020 wrote to memory of 876	5020	Algorithm_Converter_Arab-you.exe	114
PID 5020 wrote to memory of 876	5020	Algorithm_Converter_Arab-you.exe	114
PID 5020 wrote to memory of 1068	5020	Algorithm_Converter_Arab-you.exe	115
PID 5020 wrote to memory of 1068	5020	Algorithm_Converter_Arab-you.exe	115
PID 1068 wrote to memory of 1112	1068	Algorithm_Converter_Arab-you.exe	118
PID 1068 wrote to memory of 1112	1068	Algorithm_Converter_Arab-you.exe	118
PID 1068 wrote to memory of 2724	1068	Algorithm_Converter_Arab-you.exe	119
PID 1068 wrote to memory of 2724	1068	Algorithm_Converter_Arab-you.exe	119
PID 2724 wrote to memory of 4880	2724	Algorithm_Converter_Arab-you.exe	122
PID 2724 wrote to memory of 4880	2724	Algorithm_Converter_Arab-you.exe	122
PID 2724 wrote to memory of 5080	2724	Algorithm_Converter_Arab-you.exe	123
PID 2724 wrote to memory of 5080	2724	Algorithm_Converter_Arab-you.exe	123
PID 5080 wrote to memory of 2760	5080	Algorithm_Converter_Arab-you.exe	126
PID 5080 wrote to memory of 2760	5080	Algorithm_Converter_Arab-you.exe	126
PID 5080 wrote to memory of 4316	5080	Algorithm_Converter_Arab-you.exe	127
PID 5080 wrote to memory of 4316	5080	Algorithm_Converter_Arab-you.exe	127
PID 4316 wrote to memory of 3976	4316	Algorithm_Converter_Arab-you.exe	130
PID 4316 wrote to memory of 3976	4316	Algorithm_Converter_Arab-you.exe	130
PID 4316 wrote to memory of 2644	4316	Algorithm_Converter_Arab-you.exe	131
PID 4316 wrote to memory of 2644	4316	Algorithm_Converter_Arab-you.exe	131
PID 2644 wrote to memory of 768	2644	Algorithm_Converter_Arab-you.exe	134
PID 2644 wrote to memory of 768	2644	Algorithm_Converter_Arab-you.exe	134
PID 2644 wrote to memory of 4520	2644	Algorithm_Converter_Arab-you.exe	135
PID 2644 wrote to memory of 4520	2644	Algorithm_Converter_Arab-you.exe	135
PID 4520 wrote to memory of 1312	4520	Algorithm_Converter_Arab-you.exe	138
PID 4520 wrote to memory of 1312	4520	Algorithm_Converter_Arab-you.exe	138
PID 4520 wrote to memory of 1908	4520	Algorithm_Converter_Arab-you.exe	139
PID 4520 wrote to memory of 1908	4520	Algorithm_Converter_Arab-you.exe	139
PID 1908 wrote to memory of 1300	1908	Algorithm_Converter_Arab-you.exe	142
PID 1908 wrote to memory of 1300	1908	Algorithm_Converter_Arab-you.exe	142
PID 1908 wrote to memory of 2128	1908	Algorithm_Converter_Arab-you.exe	143
PID 1908 wrote to memory of 2128	1908	Algorithm_Converter_Arab-you.exe	143

C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
"C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2052
- C:\Users\Admin\AppData\Local\Temp\sat.exe
  "C:\Users\Admin\AppData\Local\Temp\sat.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:1252
- C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
  "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:4884
- - C:\Users\Admin\AppData\Local\Temp\sat.exe
    "C:\Users\Admin\AppData\Local\Temp\sat.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:3064
- - C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
    "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of WriteProcessMemory
    PID:1836
  - - C:\Users\Admin\AppData\Local\Temp\sat.exe
      "C:\Users\Admin\AppData\Local\Temp\sat.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:1684
  - - C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
      "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of WriteProcessMemory
      PID:1376
    - - C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2788
    - - C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:3176
      - C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1808
      - C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1212
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3976
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        17⤵
        Executes dropped EXE
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        18⤵
        Executes dropped EXE
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        19⤵
        Executes dropped EXE
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        20⤵
        Executes dropped EXE
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        21⤵
        Executes dropped EXE
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        22⤵
        Executes dropped EXE
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        23⤵
        Executes dropped EXE
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        24⤵
        Executes dropped EXE
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        25⤵
        Executes dropped EXE
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3276
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        26⤵
        Executes dropped EXE
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        27⤵
        Executes dropped EXE
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        28⤵
        Executes dropped EXE
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        29⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4276
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        29⤵
        Executes dropped EXE
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        30⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        30⤵
        Executes dropped EXE
        
        PID:336
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        31⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        31⤵
        Executes dropped EXE
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        32⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        32⤵
        Executes dropped EXE
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        33⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:488
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        33⤵
        Executes dropped EXE
        
        PID:3280
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        34⤵
        
        PID:3260
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        35⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        36⤵
        
        PID:724
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        37⤵
        
        PID:4696
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4940
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        38⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        39⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        40⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        41⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        42⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        43⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3420
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        44⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        45⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        46⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        47⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        48⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:236
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        49⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        50⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        51⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        52⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        53⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        54⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3296
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        55⤵
        
        PID:480
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        56⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4272
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        57⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        58⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4552
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        59⤵
        
        PID:4180
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        60⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        61⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        62⤵
        
        PID:5116
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        63⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4556
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        64⤵
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        65⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        65⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        66⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        66⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        67⤵
        
        PID:480
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        67⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        68⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        68⤵
        
        PID:4692
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        69⤵
        
        PID:4112
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        69⤵
        
        PID:708
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        70⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        70⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        71⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        71⤵
        
        PID:244
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        72⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        72⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        73⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        73⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        74⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        74⤵
        
        PID:3968
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        75⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        75⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        76⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        76⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        77⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        77⤵
        
        PID:488
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        78⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        78⤵
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        79⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        79⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        80⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        80⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        81⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        81⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        82⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        82⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        83⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        83⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        84⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        84⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        85⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        85⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        86⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        86⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        87⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        87⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        88⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        88⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        89⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        89⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        90⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        90⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        91⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        91⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        92⤵
        
        PID:720
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        92⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        93⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        93⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        94⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        94⤵
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        95⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        95⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        96⤵
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        96⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        97⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        97⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        98⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        98⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        99⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        99⤵
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        100⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        100⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        101⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        101⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        102⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        102⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        103⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        103⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        104⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        104⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        105⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        105⤵
        
        PID:336
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        106⤵
        
        PID:3588
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        106⤵
        
        PID:1224
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        107⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        107⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        108⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        108⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        109⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        109⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        110⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        110⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        111⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        111⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        112⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        112⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        113⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        113⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        114⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        114⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        115⤵
        
        PID:4696
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        115⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        116⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        116⤵
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        117⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        117⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        118⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        118⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        119⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        119⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        120⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        120⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        121⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        121⤵
        
        PID:3112
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        122⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        122⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        123⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        123⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        124⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        124⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        125⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        125⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        126⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        126⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        127⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        127⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        128⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        128⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        129⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        129⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        130⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        130⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        131⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        131⤵
        
        PID:1224
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        132⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        132⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        133⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        133⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        134⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        134⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        135⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        135⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        136⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        136⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        137⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        137⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        138⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        138⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        139⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        139⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        140⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        140⤵
        
        PID:756
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        141⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        141⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        142⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        142⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        143⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        143⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        144⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        144⤵
        
        PID:716
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        145⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        145⤵
        
        PID:384
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        146⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        146⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        147⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        147⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        148⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        148⤵
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        149⤵
        
        PID:3328
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        149⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        150⤵
        
        PID:468
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        150⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        151⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        151⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        152⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        152⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        153⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        153⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        154⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        154⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        155⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        155⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        156⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        156⤵
        
        PID:228
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        157⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        157⤵
        
        PID:1224
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        158⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        158⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        159⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        159⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        160⤵
        
        PID:3112
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        160⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        161⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        161⤵
        
        PID:1388
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        162⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        162⤵
        
        PID:3568
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        163⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        163⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        164⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        164⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        165⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        165⤵
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        166⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        166⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        167⤵
        
        PID:4272
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        167⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        168⤵
        
        PID:4788
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        168⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        169⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        169⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        170⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        170⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        171⤵
        
        PID:384
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        171⤵
        
        PID:4236
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        172⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        172⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        173⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        173⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        174⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        174⤵
        
        PID:1212
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        175⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        175⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        176⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        176⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        177⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        177⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        178⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        178⤵
        
        PID:1164
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        179⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        179⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        180⤵
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        180⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        181⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        181⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        182⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        182⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        183⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        183⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        184⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        184⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        185⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        185⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        186⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        186⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        187⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        187⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        188⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        188⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        189⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        189⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        190⤵
        
        PID:480
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        190⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        191⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        191⤵
        
        PID:4012
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        192⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        192⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        193⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        193⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        194⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        194⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        195⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        195⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        196⤵
        
        PID:4724
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        196⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        197⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        197⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        198⤵
        
        PID:4800
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        198⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        199⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        199⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        200⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        200⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        201⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        201⤵
        
        PID:708
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        202⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        202⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        203⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        203⤵
        
        PID:4080
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        204⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        204⤵
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        205⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        205⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        206⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        206⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        207⤵
        
        PID:4128
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        207⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        208⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        208⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        209⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        209⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        210⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        210⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        211⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        211⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        212⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        212⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        213⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        213⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        214⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        214⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        215⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        215⤵
        
        PID:4872
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        216⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        216⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        217⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        217⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        218⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        218⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        219⤵
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        219⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        220⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        220⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        221⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        221⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        222⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        222⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        223⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        223⤵
        
        PID:4252
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        224⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        224⤵
        
        PID:3296
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        225⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        225⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        226⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        226⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        227⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        227⤵
        
        PID:4112
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        228⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        228⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        229⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        229⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        230⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        230⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        231⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        231⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        232⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        232⤵
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        233⤵
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        233⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        234⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        234⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        235⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        235⤵
        
        PID:344
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        236⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        236⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        237⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        237⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        238⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        238⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        239⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        239⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        240⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        240⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        241⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        241⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        242⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        242⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        243⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        243⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        244⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        244⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        245⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        245⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        246⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        246⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        247⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        247⤵
        
        PID:4724
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        248⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        248⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        249⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        249⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        250⤵
        
        PID:932
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        250⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        251⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        251⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        252⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        252⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        253⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        253⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        254⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        254⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        255⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        255⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        256⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        256⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        257⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        257⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        258⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        258⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        259⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        259⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        260⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        260⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        261⤵
        
        PID:4108
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        261⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        262⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        262⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        263⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        263⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        264⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        264⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        265⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        265⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        266⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        266⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        267⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        267⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        268⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        268⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        269⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        269⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        270⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        270⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        271⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        271⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        272⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        272⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        273⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        273⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        274⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        274⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        275⤵
        
        PID:400
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        275⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        276⤵
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        276⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        277⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        277⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        278⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        278⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        279⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        279⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        280⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        280⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        281⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        281⤵
        
        PID:3968
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        282⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        282⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        283⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        283⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        284⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        284⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        285⤵
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        285⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        286⤵
        
        PID:3252
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        286⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        287⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        287⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        288⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        288⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        289⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        289⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        290⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        290⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        291⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        291⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        292⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        292⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        293⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        293⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        294⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        294⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        295⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        295⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        296⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        296⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        297⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        297⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        298⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        298⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        299⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        299⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        300⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        300⤵
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        301⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        301⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        302⤵
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        302⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        303⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        303⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        304⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        304⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        305⤵
        
        PID:716
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        305⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        306⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        306⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        307⤵
        
        PID:4220
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        307⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        308⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        308⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        309⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        309⤵
        
        PID:468
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        310⤵
        
        PID:3124
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        310⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        311⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        311⤵
        
        PID:1128
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        312⤵
        
        PID:4844
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        312⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        313⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        313⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        314⤵
        
        PID:3552
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        314⤵
        
        PID:4868
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        315⤵
        
        PID:456
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        315⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        316⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        316⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        317⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        317⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        318⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        318⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        319⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        319⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        320⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        320⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        321⤵
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        321⤵
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        322⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        322⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        323⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        323⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        324⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        324⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        325⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        325⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        326⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        326⤵
        
        PID:4012
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        327⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        327⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        328⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        328⤵
        
        PID:336
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        329⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        329⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        330⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        330⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        331⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        331⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        332⤵
        
        PID:228
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        332⤵
        
        PID:1164
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        333⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        333⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        334⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        334⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        335⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        335⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        336⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        336⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        337⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        337⤵
        
        PID:1212
        
        C:\Users\Admin\AppData\Local\Temp\sat.exe
        
        "C:\Users\Admin\AppData\Local\Temp\sat.exe"
        338⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe"
        338⤵
        
        PID:3876

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Algorithm_Converter_Arab-you.exe.log

Filesize
654B

MD5
2cbbb74b7da1f720b48ed31085cbd5b8

SHA1
79caa9a3ea8abe1b9c4326c3633da64a5f724964

SHA256
e31b18f21621d9983bfdf1ea3e53884a9d58b8ffd79e0e5790da6f3a81a8b9d3

SHA512
ecf02d5240e0c1c005d3ab393aa7eff62bd498c2db5905157e2bf6d29e1b663228a9583950842629d1a4caef404c8941a0c7799b1a3bd1eb890a09fdb7efcff9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Algorithm_Converter_Arab-you.exe

Filesize
497KB

MD5
7e01e34e779c50de84cc3e4321d68b6f

SHA1
31ec2e0168867753e0c649dbaeb92aaafb22f6d3

SHA256
ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa

SHA512
af9f51af435f41b9578c72f163d43abb3edd5bfb27fd7b0e4f83799f0df62bf5a9d8e813bf2aab2fc85414ac3f2997400ac5d833d6c77803c568ba954b6c6414

Download Submit
C:\Users\Admin\AppData\Local\Temp\sat.exe

Filesize
38KB

MD5
e164da45cc32bca07988cacac801769e

SHA1
52a3c61a3d34463fc1af177432d7c479ecdbc516

SHA256
ca900befdbee89117db35225852504d18b34ce00fe0fc079cd6c295204f620f6

SHA512
308c8d12c3f504099f7bba2d0f2a9624a9318a353af8ec13a460ca50b64928a6f39384c80d195e3f431ea7da7b76e0610332f5629af853d61e708869bd23ecb7

Download Submit
memory/1252-19-0x0000000000030000-0x0000000000040000-memory.dmp

Filesize
64KB

Download
memory/1252-18-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download
memory/1252-25-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download
memory/2052-0-0x00007FFDABAF3000-0x00007FFDABAF5000-memory.dmp

Filesize
8KB

Download
memory/2052-1-0x0000000000960000-0x00000000009E0000-memory.dmp

Filesize
512KB

Download
memory/2052-4-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download
memory/2052-20-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download
memory/4884-17-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download
memory/4884-24-0x00007FFDABAF0000-0x00007FFDAC5B2000-memory.dmp

Filesize
10.8MB

Download