xworm | 7f1beb32d0565e8ebe9db45b1bc9a29b8fe6f2cfb7f17605bd2f6ec40f761b89

Analysis

max time kernel
32s
max time network
23s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
22/03/2025, 06:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe
Size

770KB
MD5

512de90549a0ffd01db566d4e69afa97
SHA1

193cce38892758314db86d16fbc1e6a07008729c
SHA256

5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2
SHA512

fdbe1b71231057d8b1c25c9a152a846d0860f5f9a3e1942a877f691d5f39e702fafe14b0e9a2e7e21dfa427fed6d20b6fe33109dd82a53fda7b2271ed9c7b177
SSDEEP

12288:2Cg/vC4AAY6NkAI9gNoDUCvUMMyRx0E6eKJQ0qnkf29Bq:2C4vCNAEAwgNIUUz0E1KJQBnkMq

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

127.0.0.1:7000

Attributes

install_file
USB.exe

Signatures

Detect Xworm Payload 2 IoCs

resource	yara_rule
behavioral29/files/0x000c00000001226a-5.dat	family_xworm
behavioral29/memory/2796-9-0x0000000000C50000-0x0000000000C62000-memory.dmp	family_xworm

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm
Xworm family
xworm

Executes dropped EXE 64 IoCs

pid	Process
2796	XClient.exe
2760	Output.exe
2708	XClient.exe
2092	Output.exe
2556	XClient.exe
2596	Output.exe
1508	XClient.exe
1524	Output.exe
808	XClient.exe
2272	Output.exe
2160	XClient.exe
2872	Output.exe
1772	XClient.exe
1972	Output.exe
1996	XClient.exe
1952	Output.exe
536	XClient.exe
484	Output.exe
3052	XClient.exe
2368	Output.exe
2964	XClient.exe
2144	Output.exe
2380	XClient.exe
1604	Output.exe
776	XClient.exe
2516	Output.exe
1932	XClient.exe
832	Output.exe
1724	XClient.exe
2136	Output.exe
1752	XClient.exe
1920	Output.exe
1000	XClient.exe
1188	Output.exe
628	XClient.exe
2060	Output.exe
888	XClient.exe
2456	Output.exe
2748	XClient.exe
2700	Output.exe
2208	XClient.exe
2068	Output.exe
2540	XClient.exe
2544	Output.exe
1512	XClient.exe
2868	Output.exe
992	XClient.exe
1076	Output.exe
2272	XClient.exe
2908	Output.exe
2772	XClient.exe
2184	Output.exe
2152	XClient.exe
2332	Output.exe
552	XClient.exe
2080	Output.exe
1216	XClient.exe
2132	Output.exe
1604	XClient.exe
2504	Output.exe
1528	Output.exe
2512	XClient.exe
2488	XClient.exe
2500	Output.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2796	XClient.exe
Token: SeDebugPrivilege	2708	XClient.exe
Token: SeDebugPrivilege	2556	XClient.exe
Token: SeDebugPrivilege	1508	XClient.exe
Token: SeDebugPrivilege	808	XClient.exe
Token: SeDebugPrivilege	2160	XClient.exe
Token: SeDebugPrivilege	1772	XClient.exe
Token: SeDebugPrivilege	1996	XClient.exe
Token: SeDebugPrivilege	536	XClient.exe
Token: SeDebugPrivilege	3052	XClient.exe
Token: SeDebugPrivilege	2964	XClient.exe
Token: SeDebugPrivilege	2380	XClient.exe
Token: SeDebugPrivilege	776	XClient.exe
Token: SeDebugPrivilege	1932	XClient.exe
Token: SeDebugPrivilege	1724	XClient.exe
Token: SeDebugPrivilege	1752	XClient.exe
Token: SeDebugPrivilege	1000	XClient.exe
Token: SeDebugPrivilege	628	XClient.exe
Token: SeDebugPrivilege	888	XClient.exe
Token: SeDebugPrivilege	2748	XClient.exe
Token: SeDebugPrivilege	2208	XClient.exe
Token: SeDebugPrivilege	2540	XClient.exe
Token: SeDebugPrivilege	1512	XClient.exe
Token: SeDebugPrivilege	992	XClient.exe
Token: SeDebugPrivilege	2272	XClient.exe
Token: SeDebugPrivilege	2772	XClient.exe
Token: SeDebugPrivilege	2152	XClient.exe
Token: SeDebugPrivilege	552	XClient.exe
Token: SeDebugPrivilege	1216	XClient.exe
Token: SeDebugPrivilege	1604	XClient.exe
Token: SeDebugPrivilege	2512	XClient.exe
Token: SeDebugPrivilege	2488	XClient.exe
Token: SeDebugPrivilege	2632	XClient.exe
Token: SeDebugPrivilege	1580	XClient.exe
Token: SeDebugPrivilege	2876	XClient.exe
Token: SeDebugPrivilege	3036	XClient.exe
Token: SeDebugPrivilege	2108	XClient.exe
Token: SeDebugPrivilege	1376	XClient.exe
Token: SeDebugPrivilege	1696	XClient.exe
Token: SeDebugPrivilege	3056	XClient.exe
Token: SeDebugPrivilege	952	XClient.exe
Token: SeDebugPrivilege	2352	XClient.exe
Token: SeDebugPrivilege	2244	XClient.exe
Token: SeDebugPrivilege	1592	XClient.exe
Token: SeDebugPrivilege	1416	XClient.exe
Token: SeDebugPrivilege	1516	XClient.exe
Token: SeDebugPrivilege	3008	XClient.exe
Token: SeDebugPrivilege	1372	XClient.exe
Token: SeDebugPrivilege	2884	XClient.exe
Token: SeDebugPrivilege	320	XClient.exe
Token: SeDebugPrivilege	2188	XClient.exe
Token: SeDebugPrivilege	1528	XClient.exe
Token: SeDebugPrivilege	2060	XClient.exe
Token: SeDebugPrivilege	1280	XClient.exe
Token: SeDebugPrivilege	3048	XClient.exe
Token: SeDebugPrivilege	2544	XClient.exe
Token: SeDebugPrivilege	1160	XClient.exe
Token: SeDebugPrivilege	776	XClient.exe
Token: SeDebugPrivilege	2128	XClient.exe
Token: SeDebugPrivilege	900	XClient.exe
Token: SeDebugPrivilege	1668	XClient.exe
Token: SeDebugPrivilege	836	XClient.exe
Token: SeDebugPrivilege	1088	XClient.exe
Token: SeDebugPrivilege	2216	XClient.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2656 wrote to memory of 2796	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	30
PID 2656 wrote to memory of 2796	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	30
PID 2656 wrote to memory of 2796	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	30
PID 2656 wrote to memory of 2760	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	456
PID 2656 wrote to memory of 2760	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	456
PID 2656 wrote to memory of 2760	2656	5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe	456
PID 2760 wrote to memory of 2708	2760	Output.exe	32
PID 2760 wrote to memory of 2708	2760	Output.exe	32
PID 2760 wrote to memory of 2708	2760	Output.exe	32
PID 2760 wrote to memory of 2092	2760	Output.exe	526
PID 2760 wrote to memory of 2092	2760	Output.exe	526
PID 2760 wrote to memory of 2092	2760	Output.exe	526
PID 2092 wrote to memory of 2556	2092	Output.exe	763
PID 2092 wrote to memory of 2556	2092	Output.exe	763
PID 2092 wrote to memory of 2556	2092	Output.exe	763
PID 2092 wrote to memory of 2596	2092	Output.exe	691
PID 2092 wrote to memory of 2596	2092	Output.exe	691
PID 2092 wrote to memory of 2596	2092	Output.exe	691
PID 2596 wrote to memory of 1508	2596	Output.exe	36
PID 2596 wrote to memory of 1508	2596	Output.exe	36
PID 2596 wrote to memory of 1508	2596	Output.exe	36
PID 2596 wrote to memory of 1524	2596	Output.exe	723
PID 2596 wrote to memory of 1524	2596	Output.exe	723
PID 2596 wrote to memory of 1524	2596	Output.exe	723
PID 1524 wrote to memory of 808	1524	Output.exe	462
PID 1524 wrote to memory of 808	1524	Output.exe	462
PID 1524 wrote to memory of 808	1524	Output.exe	462
PID 1524 wrote to memory of 2272	1524	Output.exe	316
PID 1524 wrote to memory of 2272	1524	Output.exe	316
PID 1524 wrote to memory of 2272	1524	Output.exe	316
PID 2272 wrote to memory of 2160	2272	Output.exe	40
PID 2272 wrote to memory of 2160	2272	Output.exe	40
PID 2272 wrote to memory of 2160	2272	Output.exe	40
PID 2272 wrote to memory of 2872	2272	Output.exe	748
PID 2272 wrote to memory of 2872	2272	Output.exe	748
PID 2272 wrote to memory of 2872	2272	Output.exe	748
PID 2872 wrote to memory of 1772	2872	Output.exe	42
PID 2872 wrote to memory of 1772	2872	Output.exe	42
PID 2872 wrote to memory of 1772	2872	Output.exe	42
PID 2872 wrote to memory of 1972	2872	Output.exe	720
PID 2872 wrote to memory of 1972	2872	Output.exe	720
PID 2872 wrote to memory of 1972	2872	Output.exe	720
PID 1972 wrote to memory of 1996	1972	Output.exe	688
PID 1972 wrote to memory of 1996	1972	Output.exe	688
PID 1972 wrote to memory of 1996	1972	Output.exe	688
PID 1972 wrote to memory of 1952	1972	Output.exe	446
PID 1972 wrote to memory of 1952	1972	Output.exe	446
PID 1972 wrote to memory of 1952	1972	Output.exe	446
PID 1952 wrote to memory of 536	1952	Output.exe	757
PID 1952 wrote to memory of 536	1952	Output.exe	757
PID 1952 wrote to memory of 536	1952	Output.exe	757
PID 1952 wrote to memory of 484	1952	Output.exe	127
PID 1952 wrote to memory of 484	1952	Output.exe	127
PID 1952 wrote to memory of 484	1952	Output.exe	127
PID 484 wrote to memory of 3052	484	Output.exe	452
PID 484 wrote to memory of 3052	484	Output.exe	452
PID 484 wrote to memory of 3052	484	Output.exe	452
PID 484 wrote to memory of 2368	484	Output.exe	735
PID 484 wrote to memory of 2368	484	Output.exe	735
PID 484 wrote to memory of 2368	484	Output.exe	735
PID 2368 wrote to memory of 2964	2368	Output.exe	412
PID 2368 wrote to memory of 2964	2368	Output.exe	412
PID 2368 wrote to memory of 2964	2368	Output.exe	412
PID 2368 wrote to memory of 2144	2368	Output.exe	275

C:\Users\Admin\AppData\Local\Temp\5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe
"C:\Users\Admin\AppData\Local\Temp\5c4c8e3473b0c8f8a1d81b941495d80c1d07fc22d02cd10dc467f4309645d2e2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2656
- C:\Users\Admin\AppData\Roaming\XClient.exe
  "C:\Users\Admin\AppData\Roaming\XClient.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:2796
- C:\Users\Admin\AppData\Roaming\Output.exe
  "C:\Users\Admin\AppData\Roaming\Output.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:2760
- - C:\Users\Admin\AppData\Roaming\XClient.exe
    "C:\Users\Admin\AppData\Roaming\XClient.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:2708
- - C:\Users\Admin\AppData\Roaming\Output.exe
    "C:\Users\Admin\AppData\Roaming\Output.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of WriteProcessMemory
    PID:2092
  - - C:\Users\Admin\AppData\Roaming\XClient.exe
      "C:\Users\Admin\AppData\Roaming\XClient.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:2556
  - - C:\Users\Admin\AppData\Roaming\Output.exe
      "C:\Users\Admin\AppData\Roaming\Output.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of WriteProcessMemory
      PID:2596
    - - C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1508
    - - C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1524
      - C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:808
      - C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2272
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2160
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2872
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1972
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1996
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:1952
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:536
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of WriteProcessMemory
        
        PID:2368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2964
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        12⤵
        Executes dropped EXE
        
        PID:2144
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2380
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        13⤵
        Executes dropped EXE
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        14⤵
        Executes dropped EXE
        
        PID:2516
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1932
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        15⤵
        Executes dropped EXE
        
        PID:832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1724
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        16⤵
        Executes dropped EXE
        
        PID:2136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        17⤵
        Executes dropped EXE
        
        PID:1920
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        18⤵
        Executes dropped EXE
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:628
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        19⤵
        Executes dropped EXE
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        20⤵
        Executes dropped EXE
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        21⤵
        Executes dropped EXE
        
        PID:2700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        22⤵
        Executes dropped EXE
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        23⤵
        Executes dropped EXE
        
        PID:2544
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1512
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        24⤵
        Executes dropped EXE
        
        PID:2868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        25⤵
        Executes dropped EXE
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        26⤵
        Executes dropped EXE
        
        PID:2908
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        27⤵
        Executes dropped EXE
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        28⤵
        Executes dropped EXE
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        29⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:552
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        29⤵
        Executes dropped EXE
        
        PID:2080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        30⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        30⤵
        Executes dropped EXE
        
        PID:2132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        31⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        31⤵
        Executes dropped EXE
        
        PID:2504
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        32⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2512
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        32⤵
        Executes dropped EXE
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        33⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2488
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        33⤵
        Executes dropped EXE
        
        PID:2500
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2632
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        34⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        35⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        36⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        37⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2108
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        38⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1376
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        39⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        40⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        41⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:952
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        42⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        43⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2244
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        44⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        45⤵
        
        PID:296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1416
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        46⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        47⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        48⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1372
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        49⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        50⤵
        
        PID:484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:320
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        51⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        52⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        53⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        54⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        55⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3048
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        56⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2544
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        57⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1160
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        58⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        59⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2128
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        60⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        61⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1668
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        62⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:836
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        63⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        64⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        65⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        65⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        66⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        66⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        67⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        67⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        68⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        68⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        69⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        69⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        70⤵
        
        PID:3028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        70⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        71⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        71⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        72⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        72⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        73⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        73⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        74⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        74⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        75⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        75⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        76⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        76⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        77⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        77⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        78⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        78⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        79⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        79⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        80⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        80⤵
        
        PID:1340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        81⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        81⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        82⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        82⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        83⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        83⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        84⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        84⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        85⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        85⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        86⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        86⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        87⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        87⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        88⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        88⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        89⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        89⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        90⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        90⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        91⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        91⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        92⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        92⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        93⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        93⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        94⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        94⤵
        
        PID:1340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        95⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        95⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        96⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        96⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        97⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        97⤵
        
        PID:1800
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        98⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        98⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        99⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        99⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        100⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        100⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        101⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        101⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        102⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        102⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        103⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        103⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        104⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        104⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        105⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        105⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        106⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        106⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        107⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        107⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        108⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        108⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        109⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        109⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        110⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        110⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        111⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        111⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        112⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        112⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        113⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        113⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        114⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        114⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        115⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        115⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        116⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        116⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        117⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        117⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        118⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        118⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        119⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        119⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        120⤵
        
        PID:948
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        120⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        121⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        121⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        122⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        122⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        123⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        123⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        124⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        124⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        125⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        125⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        126⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        126⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        127⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        127⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        128⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        128⤵
        
        PID:664
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        129⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        129⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        130⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        130⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        131⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        131⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        132⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        132⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        133⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        133⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        134⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        134⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        135⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        135⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        136⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        136⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        137⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        137⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        138⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        138⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        139⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        139⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        140⤵
        
        PID:2576
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        140⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        141⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        141⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        142⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        142⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        143⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        143⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        144⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        144⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        145⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        145⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        146⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        146⤵
        
        PID:1324
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        147⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        147⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        148⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        148⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        149⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        149⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        150⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        150⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        151⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        151⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        152⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        152⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        153⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        153⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        154⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        154⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        155⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        155⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        156⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        156⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        157⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        157⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        158⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        158⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        159⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        159⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        160⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        160⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        161⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        161⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        162⤵
        
        PID:296
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        162⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        163⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        163⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        164⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        164⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        165⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        165⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        166⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        166⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        167⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        167⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        168⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        168⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        169⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        169⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        170⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        170⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        171⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        171⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        172⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        172⤵
        
        PID:1416
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        173⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        173⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        174⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        174⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        175⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        175⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        176⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        176⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        177⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        177⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        178⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        178⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        179⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        179⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        180⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        180⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        181⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        181⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        182⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        182⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        183⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        183⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        184⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        184⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        185⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        185⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        186⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        186⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        187⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        187⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        188⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        188⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        189⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        189⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        190⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        190⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        191⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        191⤵
        
        PID:2792
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        192⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        192⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        193⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        193⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        194⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        194⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        195⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        195⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        196⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        196⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        197⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        197⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        198⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        198⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        199⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        199⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        200⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        200⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        201⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        201⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        202⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        202⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        203⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        203⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        204⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        204⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        205⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        205⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        206⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        206⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        207⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        207⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        208⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        208⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        209⤵
        
        PID:1164
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        209⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        210⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        210⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        211⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        211⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        212⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        212⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        213⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        213⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        214⤵
        
        PID:624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        214⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        215⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        215⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        216⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        216⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        217⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        217⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        218⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        218⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        219⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        219⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        220⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        220⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        221⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        221⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        222⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        222⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        223⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        223⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        224⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        224⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        225⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        225⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        226⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        226⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        227⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        227⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        228⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        228⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        229⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        229⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        230⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        230⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        231⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        231⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        232⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        232⤵
        
        PID:408
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        233⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        233⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        234⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        234⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        235⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        235⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        236⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        236⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        237⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        237⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        238⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        238⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        239⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        239⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        240⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        240⤵
        
        PID:552
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        241⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        241⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        242⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        242⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        243⤵
        
        PID:1416
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        243⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        244⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        244⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        245⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        245⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        246⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        246⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        247⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        247⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        248⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        248⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        249⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        249⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        250⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        250⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        251⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        251⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        252⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        252⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        253⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        253⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        254⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        254⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        255⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        255⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        256⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        256⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        257⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        257⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        258⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        258⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        259⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        259⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        260⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        260⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        261⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        261⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        262⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        262⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        263⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        263⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        264⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        264⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        265⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        265⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        266⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        266⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        267⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        267⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        268⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        268⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        269⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        269⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        270⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        270⤵
        
        PID:908
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        271⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        271⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        272⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        272⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        273⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        273⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        274⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        274⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        275⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        275⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        276⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        276⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        277⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        277⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        278⤵
        
        PID:952
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        278⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        279⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        279⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        280⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        280⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        281⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        281⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        282⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        282⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        283⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        283⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        284⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        284⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        285⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        285⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        286⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        286⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        287⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        287⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        288⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        288⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        289⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        289⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        290⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        290⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        291⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        291⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        292⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        292⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        293⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        293⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        294⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        294⤵
        
        PID:932
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        295⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        295⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        296⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        296⤵
        
        PID:448
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        297⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        297⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        298⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        298⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        299⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        299⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        300⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        300⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        301⤵
        
        PID:664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        301⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        302⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        302⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        303⤵
        
        PID:448
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        303⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        304⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        304⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        305⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        305⤵
        
        PID:264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        306⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        306⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        307⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        307⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        308⤵
        
        PID:1360
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        308⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        309⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        309⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        310⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        310⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        311⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        311⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        312⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        312⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        313⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        313⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        314⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        314⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        315⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        315⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        316⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        316⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        317⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        317⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        318⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        318⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        319⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        319⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        320⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        320⤵
        
        PID:1340
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        321⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        321⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        322⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        322⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        323⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        323⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        324⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        324⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        325⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        325⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        326⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        326⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        327⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        327⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        328⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        328⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        329⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        329⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        330⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        330⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        331⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        331⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        332⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        332⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        333⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        333⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        334⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        334⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        335⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        335⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        336⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        336⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        337⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        337⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        338⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        338⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        339⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        339⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        340⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        340⤵
        
        PID:296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        341⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        341⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        342⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        342⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        343⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        343⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        344⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        344⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        345⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        345⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        346⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        346⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        347⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        347⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        348⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        348⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        349⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        349⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        350⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        350⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        351⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        351⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        352⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        352⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        353⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        353⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        354⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        354⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        355⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        355⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        356⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        356⤵
        
        PID:296
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        357⤵
        
        PID:1852
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        357⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        358⤵
        
        PID:1324
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        358⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        359⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        359⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        360⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        360⤵
        
        PID:344
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        361⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        361⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        362⤵
        
        PID:1116
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        362⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        363⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        363⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        364⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        364⤵
        
        PID:3060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        365⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        365⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        366⤵
        
        PID:840
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        366⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        367⤵
        
        PID:664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        367⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        368⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        368⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        369⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        369⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        370⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        370⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        371⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        371⤵
        
        PID:344
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        372⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        372⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        373⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        373⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        374⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        374⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        375⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        375⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        376⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        376⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        377⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        377⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        378⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        378⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        379⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        379⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        380⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        380⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        381⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        381⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        382⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        382⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        383⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        383⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        384⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        384⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        385⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        385⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        386⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        386⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        387⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        387⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        388⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        388⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        389⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        389⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        390⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        390⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        391⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        391⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        392⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        392⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        393⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        393⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        394⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        394⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        395⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        395⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        396⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        396⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        397⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        397⤵
        
        PID:988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        398⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        398⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        399⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        399⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        400⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        400⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        401⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        401⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        402⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        402⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        403⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        403⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        404⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        404⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        405⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        405⤵
        
        PID:536
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        406⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        406⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        407⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        407⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        408⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        408⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        409⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        409⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        410⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        410⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        411⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        411⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        412⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        412⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        413⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        413⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        414⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        414⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        415⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        415⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        416⤵
        
        PID:1800
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        416⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        417⤵
        
        PID:1852
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        417⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        418⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        418⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        419⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        419⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        420⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        420⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        421⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        421⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        422⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        422⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        423⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        423⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        424⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        424⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        425⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        425⤵
        
        PID:1416
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        426⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        426⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        427⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        427⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        428⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        428⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        429⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        429⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        430⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        430⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        431⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        431⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        432⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        432⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        433⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        433⤵
        
        PID:1428
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        434⤵
        
        PID:484
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        434⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        435⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        435⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        436⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        436⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        437⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        437⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        438⤵
        
        PID:652
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        438⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        439⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        439⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        440⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        440⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        441⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        441⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        442⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        442⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        443⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        443⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        444⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        444⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        445⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        445⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        446⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        446⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        447⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        447⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        448⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        448⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        449⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        449⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        450⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        450⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        451⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        451⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        452⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        452⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        453⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        453⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        454⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        454⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        455⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        455⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        456⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        456⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        457⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        457⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        458⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        458⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        459⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        459⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        460⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        460⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        461⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        461⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        462⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        462⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        463⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        463⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        464⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        464⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        465⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        465⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        466⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        466⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        467⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        467⤵
        
        PID:2780
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        468⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        468⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        469⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        469⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        470⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        470⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        471⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        471⤵
        
        PID:2584
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        472⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        472⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        473⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        473⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        474⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        474⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        475⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        475⤵
        
        PID:1160
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        476⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        476⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        477⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        477⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        478⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        478⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        479⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        479⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        480⤵
        
        PID:2924
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        480⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        481⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        481⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        482⤵
        
        PID:2976
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        482⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        483⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        483⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        484⤵
        
        PID:2584
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        484⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        485⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        485⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        486⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        486⤵
        
        PID:2072
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        487⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        487⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        488⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        488⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        489⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        489⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        490⤵
        
        PID:2792
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        490⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        491⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        491⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        492⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        492⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        493⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        493⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        494⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        494⤵
        
        PID:2632
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        495⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        495⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        496⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        496⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        497⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        497⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        498⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        498⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        499⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        499⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        500⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        500⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        501⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        501⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        502⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        502⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        503⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        503⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        504⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        504⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        505⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        505⤵
        
        PID:1428
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        506⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        506⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        507⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        507⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        508⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        508⤵
        
        PID:1000
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        509⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        509⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        510⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        510⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        511⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        511⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        512⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Roaming\Output.exe
        
        "C:\Users\Admin\AppData\Roaming\Output.exe"
        512⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Roaming\XClient.exe
        
        "C:\Users\Admin\AppData\Roaming\XClient.exe"
        513⤵
        
        PID:2148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Output.exe

Filesize
707KB

MD5
96c50f871ceb7ee1a0b41dcca8da5c01

SHA1
d8946f0af6156c6f69895a2808734d2696660ada

SHA256
cef4f0409df2a015e20411fdf8317582dc6ed5f56993dd0122b8006cd695c1db

SHA512
0ac872561e55a4c2cea0cd6aab965637b4ee6945552aee0a9b1e28ba338d065f98e782e433f7e3ccd464f18bc2ba14307b453ab2b3de8172a7f186018008802e

Download Submit
C:\Users\Admin\AppData\Roaming\XClient.exe

Filesize
50KB

MD5
e0918682feb10b28a39a9cfbf4d2d90c

SHA1
c33f8518747e96955387bac3c8299eea24357fe0

SHA256
8f7a69675281f0e5f2fd0b43c64434fdb132fdca1eb82cf23aa947f83c833d01

SHA512
dcb3961832197bf33b4e554a69b95a17c847fccde7211ca96ee0a9ad975a051f93e6f29a3a9525279b2aaf9d6b7208a8ddeb8c1d430e79ddf4155f5629038fa7

Download Submit
memory/2656-0-0x000007FEF5DB3000-0x000007FEF5DB4000-memory.dmp

Filesize
4KB

Download
memory/2656-1-0x0000000000C80000-0x0000000000D46000-memory.dmp

Filesize
792KB

Download
memory/2760-13-0x0000000000CB0000-0x0000000000D68000-memory.dmp

Filesize
736KB

Download
memory/2796-9-0x0000000000C50000-0x0000000000C62000-memory.dmp

Filesize
72KB

Download
memory/2796-15-0x000007FEF5DB0000-0x000007FEF679C000-memory.dmp

Filesize
9.9MB

Download
memory/2796-74-0x000007FEF5DB0000-0x000007FEF679C000-memory.dmp

Filesize
9.9MB

Download
memory/2796-76-0x000007FEF5DB0000-0x000007FEF679C000-memory.dmp

Filesize
9.9MB

Download
memory/2796-77-0x000007FEF5DB0000-0x000007FEF679C000-memory.dmp

Filesize
9.9MB

Download