xworm | 5656064ae4d3c302be4f376131bce57fa83ba30e94c329f33adb91836d7f4bf8

Analysis

max time kernel
6s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
22/03/2025, 06:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe
Size

446KB
MD5

68e298b36db386382e7dfbe5bd784699
SHA1

123700bc8004ee6c9967a6818689658c23cf4996
SHA256

342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875
SHA512

879f41008ddd3464026b5c93338246fddfcc640e2790bf3d106555e22103dde1bfc33e23125e891a676daa263635518142cbf481f91b0671adfadce63222a562
SSDEEP

12288:CEgwe8+6XzGT4DaHK8mzQz9vIQozyiScxvN4HZwujQ:C1wjDaq5zOgRzyQvNKh

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

127.0.0.1:7000

Attributes

install_file
USB.exe

Signatures

Detect Xworm Payload 2 IoCs

resource	yara_rule
behavioral14/files/0x002000000002370b-6.dat	family_xworm
behavioral14/memory/4384-21-0x0000000000240000-0x0000000000252000-memory.dmp	family_xworm

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm
Xworm family
xworm

Checks computer location settings 2 TTPs 59 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1062200478-553497403-3857448183-1000\Control Panel\International\Geo\Nation	Output.exe

Executes dropped EXE 64 IoCs

pid	Process
4384	XClient.exe
2704	Output.exe
6044	XClient.exe
5284	Output.exe
2292	XClient.exe
2760	Output.exe
4504	XClient.exe
4544	Output.exe
4656	XClient.exe
4756	Output.exe
4588	XClient.exe
1988	Output.exe
2976	XClient.exe
1376	Output.exe
4740	XClient.exe
4824	Output.exe
2428	XClient.exe
1224	Output.exe
5564	XClient.exe
4668	Output.exe
5492	XClient.exe
4296	Output.exe
2280	XClient.exe
2688	Output.exe
2036	XClient.exe
3132	Output.exe
5824	XClient.exe
2868	Output.exe
2792	XClient.exe
2172	Output.exe
4064	XClient.exe
5232	Output.exe
6100	XClient.exe
5832	Output.exe
5676	XClient.exe
3228	Output.exe
5744	XClient.exe
3740	Output.exe
1748	XClient.exe
5084	Output.exe
1080	XClient.exe
5988	Output.exe
736	XClient.exe
4148	Output.exe
4972	XClient.exe
5080	Output.exe
3056	XClient.exe
1188	Output.exe
3708	XClient.exe
264	Output.exe
3288	XClient.exe
1924	Output.exe
3148	XClient.exe
4092	Output.exe
2332	XClient.exe
2228	Output.exe
3556	XClient.exe
3080	Output.exe
2540	XClient.exe
5540	Output.exe
4160	XClient.exe
4900	Output.exe
4644	XClient.exe
4632	Output.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of AdjustPrivilegeToken 27 IoCs

description	pid	Process
Token: SeDebugPrivilege	4384	XClient.exe
Token: SeDebugPrivilege	6044	XClient.exe
Token: SeDebugPrivilege	2292	XClient.exe
Token: SeDebugPrivilege	4504	XClient.exe
Token: SeDebugPrivilege	4656	XClient.exe
Token: SeDebugPrivilege	4588	XClient.exe
Token: SeDebugPrivilege	2976	XClient.exe
Token: SeDebugPrivilege	4740	XClient.exe
Token: SeDebugPrivilege	2428	XClient.exe
Token: SeDebugPrivilege	5564	XClient.exe
Token: SeDebugPrivilege	5492	XClient.exe
Token: SeDebugPrivilege	2280	XClient.exe
Token: SeDebugPrivilege	2036	XClient.exe
Token: SeDebugPrivilege	5824	XClient.exe
Token: SeDebugPrivilege	2792	XClient.exe
Token: SeDebugPrivilege	4064	XClient.exe
Token: SeDebugPrivilege	6100	XClient.exe
Token: SeDebugPrivilege	5676	XClient.exe
Token: SeDebugPrivilege	5744	XClient.exe
Token: SeDebugPrivilege	1748	XClient.exe
Token: SeDebugPrivilege	1080	XClient.exe
Token: SeDebugPrivilege	736	XClient.exe
Token: SeDebugPrivilege	4972	XClient.exe
Token: SeDebugPrivilege	3056	XClient.exe
Token: SeDebugPrivilege	3708	XClient.exe
Token: SeDebugPrivilege	3288	XClient.exe
Token: SeDebugPrivilege	3148	XClient.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 6060 wrote to memory of 4384	6060	342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe	86
PID 6060 wrote to memory of 4384	6060	342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe	86
PID 6060 wrote to memory of 2704	6060	342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe	88
PID 6060 wrote to memory of 2704	6060	342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe	88
PID 2704 wrote to memory of 6044	2704	Output.exe	89
PID 2704 wrote to memory of 6044	2704	Output.exe	89
PID 2704 wrote to memory of 5284	2704	Output.exe	90
PID 2704 wrote to memory of 5284	2704	Output.exe	90
PID 5284 wrote to memory of 2292	5284	Output.exe	853
PID 5284 wrote to memory of 2292	5284	Output.exe	853
PID 5284 wrote to memory of 2760	5284	Output.exe	2372
PID 5284 wrote to memory of 2760	5284	Output.exe	2372
PID 2760 wrote to memory of 4504	2760	Output.exe	93
PID 2760 wrote to memory of 4504	2760	Output.exe	93
PID 2760 wrote to memory of 4544	2760	Output.exe	94
PID 2760 wrote to memory of 4544	2760	Output.exe	94
PID 4544 wrote to memory of 4656	4544	Output.exe	396
PID 4544 wrote to memory of 4656	4544	Output.exe	396
PID 4544 wrote to memory of 4756	4544	Output.exe	96
PID 4544 wrote to memory of 4756	4544	Output.exe	96
PID 4756 wrote to memory of 4588	4756	Output.exe	97
PID 4756 wrote to memory of 4588	4756	Output.exe	97
PID 4756 wrote to memory of 1988	4756	Output.exe	98
PID 4756 wrote to memory of 1988	4756	Output.exe	98
PID 1988 wrote to memory of 2976	1988	Output.exe	99
PID 1988 wrote to memory of 2976	1988	Output.exe	99
PID 1988 wrote to memory of 1376	1988	Output.exe	100
PID 1988 wrote to memory of 1376	1988	Output.exe	100
PID 1376 wrote to memory of 4740	1376	Output.exe	101
PID 1376 wrote to memory of 4740	1376	Output.exe	101
PID 1376 wrote to memory of 4824	1376	Output.exe	1327
PID 1376 wrote to memory of 4824	1376	Output.exe	1327
PID 4824 wrote to memory of 2428	4824	Output.exe	235
PID 4824 wrote to memory of 2428	4824	Output.exe	235
PID 4824 wrote to memory of 1224	4824	Output.exe	104
PID 4824 wrote to memory of 1224	4824	Output.exe	104
PID 1224 wrote to memory of 5564	1224	Output.exe	399
PID 1224 wrote to memory of 5564	1224	Output.exe	399
PID 1224 wrote to memory of 4668	1224	Output.exe	2920
PID 1224 wrote to memory of 4668	1224	Output.exe	2920
PID 4668 wrote to memory of 5492	4668	Output.exe	107
PID 4668 wrote to memory of 5492	4668	Output.exe	107
PID 4668 wrote to memory of 4296	4668	Output.exe	1272
PID 4668 wrote to memory of 4296	4668	Output.exe	1272
PID 4296 wrote to memory of 2280	4296	Output.exe	109
PID 4296 wrote to memory of 2280	4296	Output.exe	109
PID 4296 wrote to memory of 2688	4296	Output.exe	110
PID 4296 wrote to memory of 2688	4296	Output.exe	110
PID 2688 wrote to memory of 2036	2688	Output.exe	2869
PID 2688 wrote to memory of 2036	2688	Output.exe	2869
PID 2688 wrote to memory of 3132	2688	Output.exe	162
PID 2688 wrote to memory of 3132	2688	Output.exe	162
PID 3132 wrote to memory of 5824	3132	Output.exe	2896
PID 3132 wrote to memory of 5824	3132	Output.exe	2896
PID 3132 wrote to memory of 2868	3132	Output.exe	114
PID 3132 wrote to memory of 2868	3132	Output.exe	114
PID 2868 wrote to memory of 2792	2868	Output.exe	115
PID 2868 wrote to memory of 2792	2868	Output.exe	115
PID 2868 wrote to memory of 2172	2868	Output.exe	2924
PID 2868 wrote to memory of 2172	2868	Output.exe	2924
PID 2172 wrote to memory of 4064	2172	Output.exe	117
PID 2172 wrote to memory of 4064	2172	Output.exe	117
PID 2172 wrote to memory of 5232	2172	Output.exe	118
PID 2172 wrote to memory of 5232	2172	Output.exe	118

C:\Users\Admin\AppData\Local\Temp\342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe
"C:\Users\Admin\AppData\Local\Temp\342f2b5aa4fb4c3d9bfa18f7ff3e96ac5a21db19b8635b92ca789dfcb4e55875.exe"
1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:6060
- C:\Users\Admin\AppData\Roaming\XClient.exe
  "C:\Users\Admin\AppData\Roaming\XClient.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:4384
- C:\Users\Admin\AppData\Roaming\Output.exe
  "C:\Users\Admin\AppData\Roaming\Output.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:2704
- - C:\Users\Admin\AppData\Roaming\XClient.exe
    "C:\Users\Admin\AppData\Roaming\XClient.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:6044
- - C:\Users\Admin\AppData\Roaming\Output.exe
    "C:\Users\Admin\AppData\Roaming\Output.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Suspicious use of WriteProcessMemory
    PID:5284
  - - C:\Users\Admin\AppData\Roaming\XClient.exe
      "C:\Users\Admin\AppData\Roaming\XClient.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:2292
  - - C:\Users\Admin\AppData\Roaming\Output.exe
      "C:\Users\Admin\AppData\Roaming\Output.exe"
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Suspicious use of WriteProcessMemory
      PID:2760
    - - C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4504
    - - C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4544
      - C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4656
      - C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4756
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        7⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        8⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1376
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        9⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4824
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2428
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        10⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5564
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        11⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5492
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        12⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:4296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        13⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2688
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        14⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:3132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5824
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        15⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2792
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        16⤵
        Checks computer location settings
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        17⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:6100
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        18⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5676
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        19⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:3228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:5744
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        20⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:3740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        21⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5084
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1080
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        22⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        23⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4148
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        24⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        25⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        26⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3288
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        27⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:1924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3148
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        28⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4092
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        29⤵
        Executes dropped EXE
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        29⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        30⤵
        Executes dropped EXE
        
        PID:3556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        30⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:3080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        31⤵
        Executes dropped EXE
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        31⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        32⤵
        Executes dropped EXE
        
        PID:4160
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        32⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        33⤵
        Executes dropped EXE
        
        PID:4644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        33⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4632
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        34⤵
        
        PID:5736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        34⤵
        Checks computer location settings
        
        PID:920
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        35⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        35⤵
        Checks computer location settings
        
        PID:4732
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        36⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        36⤵
        Checks computer location settings
        
        PID:4824
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        37⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        37⤵
        Checks computer location settings
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        38⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        38⤵
        Checks computer location settings
        
        PID:5240
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        39⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        39⤵
        Checks computer location settings
        
        PID:3132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        40⤵
        
        PID:1160
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        40⤵
        Checks computer location settings
        
        PID:1372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        41⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        41⤵
        Checks computer location settings
        
        PID:3204
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        42⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        42⤵
        Checks computer location settings
        
        PID:2588
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        43⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        43⤵
        Checks computer location settings
        
        PID:1308
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        44⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        44⤵
        Checks computer location settings
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        45⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        45⤵
        Checks computer location settings
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        46⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        46⤵
        Checks computer location settings
        
        PID:5080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        47⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        47⤵
        Checks computer location settings
        
        PID:5172
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        48⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        48⤵
        Checks computer location settings
        
        PID:1656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        49⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        49⤵
        Checks computer location settings
        
        PID:4428
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        50⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        50⤵
        Checks computer location settings
        
        PID:2528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        51⤵
        
        PID:5264
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        51⤵
        Checks computer location settings
        
        PID:5296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        52⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        52⤵
        Checks computer location settings
        
        PID:3368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        53⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        53⤵
        Checks computer location settings
        
        PID:3944
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        54⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        54⤵
        Checks computer location settings
        
        PID:4752
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        55⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        55⤵
        Checks computer location settings
        
        PID:4732
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        56⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        56⤵
        Checks computer location settings
        
        PID:4668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        57⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        57⤵
        Checks computer location settings
        
        PID:3772
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        58⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        58⤵
        Checks computer location settings
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        59⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        59⤵
        Checks computer location settings
        
        PID:4052
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        60⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        60⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        61⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        61⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        62⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        62⤵
        
        PID:3372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        63⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        63⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        64⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        64⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        65⤵
        
        PID:5572
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        65⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        66⤵
        
        PID:5560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        66⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        67⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        67⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        68⤵
        
        PID:4028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        68⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        69⤵
        
        PID:4164
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        69⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        70⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        70⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        71⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        71⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        72⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        72⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        73⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        73⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        74⤵
        
        PID:4556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        74⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        75⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        75⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        76⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        76⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        77⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        77⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        78⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        78⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        79⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        79⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        80⤵
        
        PID:5788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        80⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        81⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        81⤵
        
        PID:4680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        82⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        82⤵
        
        PID:4148
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        83⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        83⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        84⤵
        
        PID:6048
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        84⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        85⤵
        
        PID:6100
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        85⤵
        
        PID:5124
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        86⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        86⤵
        
        PID:5972
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        87⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        87⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        88⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        88⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        89⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        89⤵
        
        PID:4168
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        90⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        90⤵
        
        PID:1456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        91⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        91⤵
        
        PID:6040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        92⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        92⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        93⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        93⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        94⤵
        
        PID:5836
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        94⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        95⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        95⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        96⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        96⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        97⤵
        
        PID:5440
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        97⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        98⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        98⤵
        
        PID:676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        99⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        99⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        100⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        100⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        101⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        101⤵
        
        PID:5728
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        102⤵
        
        PID:1404
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        102⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        103⤵
        
        PID:6020
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        103⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        104⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        104⤵
        
        PID:6136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        105⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        105⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        106⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        106⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        107⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        107⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        108⤵
        
        PID:5592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        108⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        109⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        109⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        110⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        110⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        111⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        111⤵
        
        PID:400
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        112⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        112⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        113⤵
        
        PID:1460
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        113⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        114⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        114⤵
        
        PID:208
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        115⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        115⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        116⤵
        
        PID:5132
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        116⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        117⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        117⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        118⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        118⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        119⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        119⤵
        
        PID:6044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        120⤵
        
        PID:5404
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        120⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        121⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        121⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        122⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        122⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        123⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        123⤵
        
        PID:6040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        124⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        124⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        125⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        125⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        126⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        126⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        127⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        127⤵
        
        PID:3692
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        128⤵
        
        PID:5640
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        128⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        129⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        129⤵
        
        PID:5524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        130⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        130⤵
        
        PID:5828
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        131⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        131⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        132⤵
        
        PID:5604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        132⤵
        
        PID:6100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        133⤵
        
        PID:4892
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        133⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        134⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        134⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        135⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        135⤵
        
        PID:5712
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        136⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        136⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        137⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        137⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        138⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        138⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        139⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        139⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        140⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        140⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        141⤵
        
        PID:5552
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        141⤵
        
        PID:5764
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        142⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        142⤵
        
        PID:5532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        143⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        143⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        144⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        144⤵
        
        PID:4272
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        145⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        145⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        146⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        146⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        147⤵
        
        PID:6124
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        147⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        148⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        148⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        149⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        149⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        150⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        150⤵
        
        PID:6044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        151⤵
        
        PID:6052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        151⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        152⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        152⤵
        
        PID:5696
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        153⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        153⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        154⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        154⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        155⤵
        
        PID:3676
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        155⤵
        
        PID:5564
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        156⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        156⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        157⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        157⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        158⤵
        
        PID:4904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        158⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        159⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        159⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        160⤵
        
        PID:5772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        160⤵
        
        PID:4164
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        161⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        161⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        162⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        162⤵
        
        PID:5616
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        163⤵
        
        PID:5872
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        163⤵
        
        PID:4620
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        164⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        164⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        165⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        165⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        166⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        166⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        167⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        167⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        168⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        168⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        169⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        169⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        170⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        170⤵
        
        PID:5484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        171⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        171⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        172⤵
        
        PID:5148
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        172⤵
        
        PID:5244
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        173⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        173⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        174⤵
        
        PID:5584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        174⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        175⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        175⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        176⤵
        
        PID:6076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        176⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        177⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        177⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        178⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        178⤵
        
        PID:5264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        179⤵
        
        PID:5140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        179⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        180⤵
        
        PID:5172
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        180⤵
        
        PID:5500
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        181⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        181⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        182⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        182⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        183⤵
        
        PID:6004
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        183⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        184⤵
        
        PID:4168
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        184⤵
        
        PID:5836
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        185⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        185⤵
        
        PID:5356
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        186⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        186⤵
        
        PID:656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        187⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        187⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        188⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        188⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        189⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        189⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        190⤵
        
        PID:3860
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        190⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        191⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        191⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        192⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        192⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        193⤵
        
        PID:5264
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        193⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        194⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        194⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        195⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        195⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        196⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        196⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        197⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        197⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        198⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        198⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        199⤵
        
        PID:4500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        199⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        200⤵
        
        PID:6052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        200⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        201⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        201⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        202⤵
        
        PID:5076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        202⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        203⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        203⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        204⤵
        
        PID:824
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        204⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        205⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        205⤵
        
        PID:5248
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        206⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        206⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        207⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        207⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        208⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        208⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        209⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        209⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        210⤵
        
        PID:6124
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        210⤵
        
        PID:5624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        211⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        211⤵
        
        PID:688
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        212⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        212⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        213⤵
        
        PID:5504
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        213⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        214⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        214⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        215⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        215⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        216⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        216⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        217⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        217⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        218⤵
        
        PID:5380
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        218⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        219⤵
        
        PID:5248
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        219⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        220⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        220⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        221⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        221⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        222⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        222⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        223⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        223⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        224⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        224⤵
        
        PID:5624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        225⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        225⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        226⤵
        
        PID:5836
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        226⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        227⤵
        
        PID:5484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        227⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        228⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        228⤵
        
        PID:3680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        229⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        229⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        230⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        230⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        231⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        231⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        232⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        232⤵
        
        PID:5132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        233⤵
        
        PID:3864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        233⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        234⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        234⤵
        
        PID:5348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        235⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        235⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        236⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        236⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        237⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        237⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        238⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        238⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        239⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        239⤵
        
        PID:3504
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        240⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        240⤵
        
        PID:5188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        241⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        241⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        242⤵
        
        PID:4292
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        242⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        243⤵
        
        PID:5728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        243⤵
        
        PID:3028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        244⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        244⤵
        
        PID:3424
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        245⤵
        
        PID:5764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        245⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        246⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        246⤵
        
        PID:6132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        247⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        247⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        248⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        248⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        249⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        249⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        250⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        250⤵
        
        PID:3740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        251⤵
        
        PID:5556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        251⤵
        
        PID:4600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        252⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        252⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        253⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        253⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        254⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        254⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        255⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        255⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        256⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        256⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        257⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        257⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        258⤵
        
        PID:6072
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        258⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        259⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        259⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        260⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        260⤵
        
        PID:4904
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        261⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        261⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        262⤵
        
        PID:5696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        262⤵
        
        PID:5244
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        263⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        263⤵
        
        PID:5976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        264⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        264⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        265⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        265⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        266⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        266⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        267⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        267⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        268⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        268⤵
        
        PID:224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        269⤵
        
        PID:5896
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        269⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        270⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        270⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        271⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        271⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        272⤵
        
        PID:5580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        272⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        273⤵
        
        PID:3212
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        273⤵
        
        PID:5836
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        274⤵
        
        PID:6024
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        274⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        275⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        275⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        276⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        276⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        277⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        277⤵
        
        PID:5244
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        278⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        278⤵
        
        PID:5508
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        279⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        279⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        280⤵
        
        PID:1192
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        280⤵
        
        PID:824
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        281⤵
        
        PID:4788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        281⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        282⤵
        
        PID:5140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        282⤵
        
        PID:5940
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        283⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        283⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        284⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        284⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        285⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        285⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        286⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        286⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        287⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        287⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        288⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        288⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        289⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        289⤵
        
        PID:5520
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        290⤵
        
        PID:1812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        290⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        291⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        291⤵
        
        PID:1460
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        292⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        292⤵
        
        PID:5976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        293⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        293⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        294⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        294⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        295⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        295⤵
        
        PID:5832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        296⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        296⤵
        
        PID:5280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        297⤵
        
        PID:5440
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        297⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        298⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        298⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        299⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        299⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        300⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        300⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        301⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        301⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        302⤵
        
        PID:5484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        302⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        303⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        303⤵
        
        PID:4292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        304⤵
        
        PID:5816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        304⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        305⤵
        
        PID:4152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        305⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        306⤵
        
        PID:5640
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        306⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        307⤵
        
        PID:5232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        307⤵
        
        PID:4600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        308⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        308⤵
        
        PID:4108
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        309⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        309⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        310⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        310⤵
        
        PID:5964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        311⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        311⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        312⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        312⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        313⤵
        
        PID:920
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        313⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        314⤵
        
        PID:4548
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        314⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        315⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        315⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        316⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        316⤵
        
        PID:5896
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        317⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        317⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        318⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        318⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        319⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        319⤵
        
        PID:3212
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        320⤵
        
        PID:6024
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        320⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        321⤵
        
        PID:5244
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        321⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        322⤵
        
        PID:392
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        322⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        323⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        323⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        324⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        324⤵
        
        PID:4356
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        325⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        325⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        326⤵
        
        PID:5624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        326⤵
        
        PID:1192
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        327⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        327⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        328⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        328⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        329⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        329⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        330⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        330⤵
        
        PID:5744
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        331⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        331⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        332⤵
        
        PID:5500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        332⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        333⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        333⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        334⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        334⤵
        
        PID:5424
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        335⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        335⤵
        
        PID:4668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        336⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        336⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        337⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        337⤵
        
        PID:5652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        338⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        338⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        339⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        339⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        340⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        340⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        341⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        341⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        342⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        342⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        343⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        343⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        344⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        344⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        345⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        345⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        346⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        346⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        347⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        347⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        348⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        348⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        349⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        349⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        350⤵
        
        PID:5580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        350⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        351⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        351⤵
        
        PID:5240
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        352⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        352⤵
        
        PID:4168
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        353⤵
        
        PID:5540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        353⤵
        
        PID:5952
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        354⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        354⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        355⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        355⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        356⤵
        
        PID:4776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        356⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        357⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        357⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        358⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        358⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        359⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        359⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        360⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        360⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        361⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        361⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        362⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        362⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        363⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        363⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        364⤵
        
        PID:6108
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        364⤵
        
        PID:6132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        365⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        365⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        366⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        366⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        367⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        367⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        368⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        368⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        369⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        369⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        370⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        370⤵
        
        PID:5232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        371⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        371⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        372⤵
        
        PID:5788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        372⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        373⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        373⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        374⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        374⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        375⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        375⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        376⤵
        
        PID:5260
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        376⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        377⤵
        
        PID:5604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        377⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        378⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        378⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        379⤵
        
        PID:6136
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        379⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        380⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        380⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        381⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        381⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        382⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        382⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        383⤵
        
        PID:1244
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        383⤵
        
        PID:5392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        384⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        384⤵
        
        PID:6128
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        385⤵
        
        PID:400
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        385⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        386⤵
        
        PID:5976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        386⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        387⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        387⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        388⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        388⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        389⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        389⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        390⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        390⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        391⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        391⤵
        
        PID:2412
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        392⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        392⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        393⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        393⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        394⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        394⤵
        
        PID:5928
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        395⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        395⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        396⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        396⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        397⤵
        
        PID:5356
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        397⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        398⤵
        
        PID:5252
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        398⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        399⤵
        
        PID:4292
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        399⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        400⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        400⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        401⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        401⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        402⤵
        
        PID:6128
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        402⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        403⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        403⤵
        
        PID:3504
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        404⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        404⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        405⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        405⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        406⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        406⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        407⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        407⤵
        
        PID:5384
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        408⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        408⤵
        
        PID:4764
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        409⤵
        
        PID:5600
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        409⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        410⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        410⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        411⤵
        
        PID:1576
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        411⤵
        
        PID:4576
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        412⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        412⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        413⤵
        
        PID:5896
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        413⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        414⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        414⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        415⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        415⤵
        
        PID:4904
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        416⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        416⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        417⤵
        
        PID:4500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        417⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        418⤵
        
        PID:5844
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        418⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        419⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        419⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        420⤵
        
        PID:5904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        420⤵
        
        PID:5872
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        421⤵
        
        PID:5204
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        421⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        422⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        422⤵
        
        PID:5304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        423⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        423⤵
        
        PID:5224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        424⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        424⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        425⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        425⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        426⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        426⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        427⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        427⤵
        
        PID:5728
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        428⤵
        
        PID:5272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        428⤵
        
        PID:6108
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        429⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        429⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        430⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        430⤵
        
        PID:6072
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        431⤵
        
        PID:4904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        431⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        432⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        432⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        433⤵
        
        PID:5644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        433⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        434⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        434⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        435⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        435⤵
        
        PID:3472
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        436⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        436⤵
        
        PID:5516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        437⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        437⤵
        
        PID:1192
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        438⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        438⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        439⤵
        
        PID:5788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        439⤵
        
        PID:5448
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        440⤵
        
        PID:4832
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        440⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        441⤵
        
        PID:936
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        441⤵
        
        PID:3584
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        442⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        442⤵
        
        PID:5380
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        443⤵
        
        PID:5248
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        443⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        444⤵
        
        PID:4472
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        444⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        445⤵
        
        PID:6124
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        445⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        446⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        446⤵
        
        PID:5764
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        447⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        447⤵
        
        PID:6004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        448⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        448⤵
        
        PID:688
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        449⤵
        
        PID:4276
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        449⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        450⤵
        
        PID:4780
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        450⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        451⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        451⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        452⤵
        
        PID:6092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        452⤵
        
        PID:5640
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        453⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        453⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        454⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        454⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        455⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        455⤵
        
        PID:5436
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        456⤵
        
        PID:4364
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        456⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        457⤵
        
        PID:1852
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        457⤵
        
        PID:5624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        458⤵
        
        PID:5556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        458⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        459⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        459⤵
        
        PID:5284
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        460⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        460⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        461⤵
        
        PID:5600
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        461⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        462⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        462⤵
        
        PID:4416
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        463⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        463⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        464⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        464⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        465⤵
        
        PID:216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        465⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        466⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        466⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        467⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        467⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        468⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        468⤵
        
        PID:656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        469⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        469⤵
        
        PID:4012
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        470⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        470⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        471⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        471⤵
        
        PID:5448
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        472⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        472⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        473⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        473⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        474⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        474⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        475⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        475⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        476⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        476⤵
        
        PID:6012
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        477⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        477⤵
        
        PID:5392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        478⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        478⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        479⤵
        
        PID:6132
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        479⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        480⤵
        
        PID:4600
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        480⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        481⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        481⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        482⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        482⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        483⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        483⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        484⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        484⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        485⤵
        
        PID:5232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        485⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        486⤵
        
        PID:116
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        486⤵
        
        PID:4152
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        487⤵
        
        PID:5448
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        487⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        488⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        488⤵
        
        PID:1812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        489⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        489⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        490⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        490⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        491⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        491⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        492⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        492⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        493⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        493⤵
        
        PID:5392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        494⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        494⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        495⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        495⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        496⤵
        
        PID:5484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        496⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        497⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        497⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        498⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        498⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        499⤵
        
        PID:5696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        499⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        500⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        500⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        501⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        501⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        502⤵
        
        PID:4716
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        502⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        503⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        503⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        504⤵
        
        PID:1200
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        504⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        505⤵
        
        PID:5372
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        505⤵
        
        PID:5284
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        506⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        506⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        507⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        507⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        508⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        508⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        509⤵
        
        PID:3572
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        509⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        510⤵
        
        PID:6048
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        510⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        511⤵
        
        PID:4432
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        511⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        512⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        512⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        513⤵
        
        PID:4768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Output.exe.log

Filesize
654B

MD5
2ff39f6c7249774be85fd60a8f9a245e

SHA1
684ff36b31aedc1e587c8496c02722c6698c1c4e

SHA256
e1b91642d85d98124a6a31f710e137ab7fd90dec30e74a05ab7fcf3b7887dced

SHA512
1d7e8b92ef4afd463d62cfa7e8b9d1799db5bf2a263d3cd7840df2e0a1323d24eb595b5f8eb615c6cb15f9e3a7b4fc99f8dd6a3d34479222e966ec708998aed1

Download Submit
C:\Users\Admin\AppData\Roaming\Output.exe

Filesize
379KB

MD5
07720f4f6cd70f9f90daf6767fe0fc89

SHA1
8f5474705182cbf8a9f87588c03676a491146183

SHA256
cd07d3aec1ce392935b664562266eac8a27260ff8b434a74bf9e8368c997242e

SHA512
fa656008147051a7831f79b341c786865f08220a08f358e218b3de0896f6719f9517a9af44f9f9e48d2f15460ca184fc669ac1e7f9a390b1c7057f1697c74e47

Download Submit
C:\Users\Admin\AppData\Roaming\XClient.exe

Filesize
50KB

MD5
e0918682feb10b28a39a9cfbf4d2d90c

SHA1
c33f8518747e96955387bac3c8299eea24357fe0

SHA256
8f7a69675281f0e5f2fd0b43c64434fdb132fdca1eb82cf23aa947f83c833d01

SHA512
dcb3961832197bf33b4e554a69b95a17c847fccde7211ca96ee0a9ad975a051f93e6f29a3a9525279b2aaf9d6b7208a8ddeb8c1d430e79ddf4155f5629038fa7

Download Submit
memory/2704-26-0x00000000004D0000-0x0000000000536000-memory.dmp

Filesize
408KB

Download
memory/2704-29-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/2704-33-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/4384-27-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/4384-21-0x0000000000240000-0x0000000000252000-memory.dmp

Filesize
72KB

Download
memory/4384-94-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/4384-93-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/4384-90-0x00007FFA85720000-0x00007FFA861E1000-memory.dmp

Filesize
10.8MB

Download
memory/6060-0-0x00007FFA85723000-0x00007FFA85725000-memory.dmp

Filesize
8KB

Download
memory/6060-1-0x00000000000B0000-0x0000000000126000-memory.dmp

Filesize
472KB

Download