darkcomet | 5e95ac29974541f3cf409d7ca483033c991e644b04f8d2dba7c2e08941511a22

Analysis

max time kernel
2s
max time network
55s
platform
windows11-21h2_x64
resource
win11-20250410-en
resource tags

arch:x64arch:x86image:win11-20250410-enlocale:en-usos:windows11-21h2-x64system
submitted
20/04/2025, 19:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

file.exe
Size

1.1MB
MD5

b0c07068e6f3b2bb0959a636d4bc8481
SHA1

79c420e2a5534ddbc37f5b8cd32a908bc01a293f
SHA256

b45efe2ba0a53a59524fd3c8ea6011ee8cf824e22d9e86526ed14c8887915820
SHA512

782db1f74f54f73be28a49bdcc98a89e231a07e0d06f6b35f80154d9e918e033f15856b9b39b6d501d88207771e4f3d15f7516961526d6663487d73916e5452f
SSDEEP

12288:Z4T4b4tcW7KEZlPzCy37tLV6Btpmkkx6g2UcW7KEZlPzCy37tLV6Btpmkkx6g2:Zm+KKiRzC0lApfkxIgKiRzC0lApfkxI

Score

10^/10

darkcomet nanocore guest16 defense_evasion discovery keylogger persistence rat spyware stealer trojan upx

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

jvjv2044duck33.duckdns.org:1604

Mutex

DC_MUTEX-3VMZ2C8

Attributes

InstallPath
MSDCSC\msdcsc.exe
gencode
ttgTbZWj82S9
install
true
offline_keylogger
true
persistence
true
reg_key
MicroUpdate

rc4.plain

Signatures

Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
trojan rat darkcomet
Darkcomet family
darkcomet

Modifies WinLogon for persistence 2 TTPs 1 IoCs

persistence

Winlogon Helper DLL

T1547.004

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit = "C:\\Windows\\system32\\userinit.exe,C:\\Users\\Admin\\Documents\\MSDCSC\\msdcsc.exe"	VLC MEDIA PLAYER.EXE

NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
keylogger trojan stealer spyware nanocore
Nanocore family
nanocore
Disables Task Manager via registry modification
defense_evasion

Sets file to hidden 1 TTPs 2 IoCs

Modifies file attributes to stop it showing in Explorer etc.

defense_evasion

Hidden Files and Directories

T1564.001

pid	Process
5128	attrib.exe
5172	attrib.exe

Executes dropped EXE 17 IoCs

pid	Process
2568	MSEDGE.EXE
5872	VLC MEDIA PLAYER.EXE
1640	WINDOWS SECURITY NANO.EXE
3548	MSEDGE.EXE
5080	VLC MEDIA PLAYER.EXE
4848	msdcsc.exe
4412	WINDOWS SECURITY NANO.EXE
2640	MSEDGE.EXE
684	VLC MEDIA PLAYER.EXE
5072	WINDOWS SECURITY NANO.EXE
5116	msdcsc.exe
5156	MSEDGE.EXE
4908	VLC MEDIA PLAYER.EXE
1672	WINDOWS SECURITY NANO.EXE
2796	MSEDGE.EXE
3864	MSEDGE.EXE
3924	MSEDGE.EXE

Adds Run key to start application 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\TCP Subsystem = "C:\\Program Files (x86)\\TCP Subsystem\\tcpss.exe"	WINDOWS SECURITY NANO.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2211465213-323295031-1970282057-1000\Software\Microsoft\Windows\CurrentVersion\Run\MicroUpdate = "C:\\Users\\Admin\\Documents\\MSDCSC\\msdcsc.exe"	VLC MEDIA PLAYER.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2211465213-323295031-1970282057-1000\Software\Microsoft\Windows\CurrentVersion\Run\MicroUpdate = "C:\\Users\\Admin\\Documents\\MSDCSC\\msdcsc.exe"	VLC MEDIA PLAYER.EXE

Checks whether UAC is enabled 1 TTPs 1 IoCs

defense_evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	WINDOWS SECURITY NANO.EXE

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/files/0x001b00000002b248-12.dat	upx
behavioral2/memory/5872-22-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5080-37-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4848-41-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/684-46-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/684-49-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5116-51-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5116-54-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4908-59-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4908-56-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4660-66-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5872-71-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/440-77-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4176-75-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/440-79-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1044-82-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5080-87-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1044-90-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5260-92-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5260-88-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1700-99-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5748-98-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2768-102-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2192-112-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2192-114-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2768-111-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1700-108-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5748-104-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3456-118-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2068-122-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2068-124-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3868-128-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3868-132-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3404-135-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3404-137-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5312-140-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1516-141-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1516-143-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4596-144-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4596-146-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/6000-147-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3524-149-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/6000-151-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5136-153-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4964-155-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2356-156-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2356-158-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/5456-160-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4656-161-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4656-163-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1912-166-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2612-167-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2612-169-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/1044-171-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2960-172-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/2960-174-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3924-176-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4548-177-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/4548-179-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3624-180-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/3624-182-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/416-184-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/72-185-0x0000000000400000-0x00000000004B7000-memory.dmp	upx
behavioral2/memory/72-187-0x0000000000400000-0x00000000004B7000-memory.dmp	upx

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\TCP Subsystem\tcpss.exe	WINDOWS SECURITY NANO.EXE
File opened for modification	C:\Program Files (x86)\TCP Subsystem\tcpss.exe	WINDOWS SECURITY NANO.EXE

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 22 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VLC MEDIA PLAYER.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WINDOWS SECURITY NANO.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WINDOWS SECURITY NANO.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VLC MEDIA PLAYER.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WINDOWS SECURITY NANO.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VLC MEDIA PLAYER.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VLC MEDIA PLAYER.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	msdcsc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	attrib.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	msdcsc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WINDOWS SECURITY NANO.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	attrib.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MSEDGE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	file.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	VLC MEDIA PLAYER.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	MSEDGE.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	MSEDGE.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	MSEDGE.EXE

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1640	WINDOWS SECURITY NANO.EXE
1640	WINDOWS SECURITY NANO.EXE
1640	WINDOWS SECURITY NANO.EXE
1640	WINDOWS SECURITY NANO.EXE
1640	WINDOWS SECURITY NANO.EXE
1640	WINDOWS SECURITY NANO.EXE

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeSecurityPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeTakeOwnershipPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeLoadDriverPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeSystemProfilePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeSystemtimePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeProfSingleProcessPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeIncBasePriorityPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeCreatePagefilePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeBackupPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeRestorePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeShutdownPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeDebugPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeSystemEnvironmentPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeChangeNotifyPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeRemoteShutdownPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeUndockPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeManageVolumePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeImpersonatePrivilege	5872	VLC MEDIA PLAYER.EXE
Token: SeCreateGlobalPrivilege	5872	VLC MEDIA PLAYER.EXE
Token: 33	5872	VLC MEDIA PLAYER.EXE
Token: 34	5872	VLC MEDIA PLAYER.EXE
Token: 35	5872	VLC MEDIA PLAYER.EXE
Token: 36	5872	VLC MEDIA PLAYER.EXE
Token: SeIncreaseQuotaPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeSecurityPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeTakeOwnershipPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeLoadDriverPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeSystemProfilePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeSystemtimePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeProfSingleProcessPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeIncBasePriorityPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeCreatePagefilePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeBackupPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeRestorePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeShutdownPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeDebugPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeSystemEnvironmentPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeChangeNotifyPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeRemoteShutdownPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeUndockPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeManageVolumePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeImpersonatePrivilege	5080	VLC MEDIA PLAYER.EXE
Token: SeCreateGlobalPrivilege	5080	VLC MEDIA PLAYER.EXE
Token: 33	5080	VLC MEDIA PLAYER.EXE
Token: 34	5080	VLC MEDIA PLAYER.EXE
Token: 35	5080	VLC MEDIA PLAYER.EXE
Token: 36	5080	VLC MEDIA PLAYER.EXE
Token: SeIncreaseQuotaPrivilege	4848	msdcsc.exe
Token: SeSecurityPrivilege	4848	msdcsc.exe
Token: SeTakeOwnershipPrivilege	4848	msdcsc.exe
Token: SeLoadDriverPrivilege	4848	msdcsc.exe
Token: SeSystemProfilePrivilege	4848	msdcsc.exe
Token: SeSystemtimePrivilege	4848	msdcsc.exe
Token: SeProfSingleProcessPrivilege	4848	msdcsc.exe
Token: SeIncBasePriorityPrivilege	4848	msdcsc.exe
Token: SeCreatePagefilePrivilege	4848	msdcsc.exe
Token: SeBackupPrivilege	4848	msdcsc.exe
Token: SeRestorePrivilege	4848	msdcsc.exe
Token: SeShutdownPrivilege	4848	msdcsc.exe
Token: SeDebugPrivilege	4848	msdcsc.exe
Token: SeSystemEnvironmentPrivilege	4848	msdcsc.exe
Token: SeChangeNotifyPrivilege	4848	msdcsc.exe
Token: SeRemoteShutdownPrivilege	4848	msdcsc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5080	VLC MEDIA PLAYER.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3132 wrote to memory of 2568	3132	file.exe	79
PID 3132 wrote to memory of 2568	3132	file.exe	79
PID 3132 wrote to memory of 2568	3132	file.exe	79
PID 3132 wrote to memory of 5872	3132	file.exe	80
PID 3132 wrote to memory of 5872	3132	file.exe	80
PID 3132 wrote to memory of 5872	3132	file.exe	80
PID 3132 wrote to memory of 1640	3132	file.exe	81
PID 3132 wrote to memory of 1640	3132	file.exe	81
PID 3132 wrote to memory of 1640	3132	file.exe	81
PID 2568 wrote to memory of 3548	2568	MSEDGE.EXE	84
PID 2568 wrote to memory of 3548	2568	MSEDGE.EXE	84
PID 2568 wrote to memory of 3548	2568	MSEDGE.EXE	84
PID 5872 wrote to memory of 6048	5872	VLC MEDIA PLAYER.EXE	85
PID 5872 wrote to memory of 6048	5872	VLC MEDIA PLAYER.EXE	85
PID 5872 wrote to memory of 6048	5872	VLC MEDIA PLAYER.EXE	85
PID 2568 wrote to memory of 5080	2568	MSEDGE.EXE	86
PID 2568 wrote to memory of 5080	2568	MSEDGE.EXE	86
PID 2568 wrote to memory of 5080	2568	MSEDGE.EXE	86
PID 5872 wrote to memory of 4868	5872	VLC MEDIA PLAYER.EXE	88
PID 5872 wrote to memory of 4868	5872	VLC MEDIA PLAYER.EXE	88
PID 5872 wrote to memory of 4868	5872	VLC MEDIA PLAYER.EXE	88
PID 648 wrote to memory of 4848	648	cmd.exe	89
PID 648 wrote to memory of 4848	648	cmd.exe	89
PID 648 wrote to memory of 4848	648	cmd.exe	89
PID 2568 wrote to memory of 4412	2568	MSEDGE.EXE	330
PID 2568 wrote to memory of 4412	2568	MSEDGE.EXE	330
PID 2568 wrote to memory of 4412	2568	MSEDGE.EXE	330
PID 3548 wrote to memory of 2640	3548	MSEDGE.EXE	282
PID 3548 wrote to memory of 2640	3548	MSEDGE.EXE	282
PID 3548 wrote to memory of 2640	3548	MSEDGE.EXE	282
PID 3548 wrote to memory of 684	3548	MSEDGE.EXE	95
PID 3548 wrote to memory of 684	3548	MSEDGE.EXE	95
PID 3548 wrote to memory of 684	3548	MSEDGE.EXE	95
PID 3548 wrote to memory of 5072	3548	MSEDGE.EXE	98
PID 3548 wrote to memory of 5072	3548	MSEDGE.EXE	98
PID 3548 wrote to memory of 5072	3548	MSEDGE.EXE	98
PID 3692 wrote to memory of 5116	3692	cmd.exe	99
PID 3692 wrote to memory of 5116	3692	cmd.exe	99
PID 3692 wrote to memory of 5116	3692	cmd.exe	99
PID 6048 wrote to memory of 5128	6048	cmd.exe	373
PID 6048 wrote to memory of 5128	6048	cmd.exe	373
PID 6048 wrote to memory of 5128	6048	cmd.exe	373
PID 4868 wrote to memory of 5172	4868	cmd.exe	101
PID 4868 wrote to memory of 5172	4868	cmd.exe	101
PID 4868 wrote to memory of 5172	4868	cmd.exe	101
PID 2640 wrote to memory of 5156	2640	MSEDGE.EXE	102
PID 2640 wrote to memory of 5156	2640	MSEDGE.EXE	102
PID 2640 wrote to memory of 5156	2640	MSEDGE.EXE	102
PID 2640 wrote to memory of 4908	2640	MSEDGE.EXE	103
PID 2640 wrote to memory of 4908	2640	MSEDGE.EXE	103
PID 2640 wrote to memory of 4908	2640	MSEDGE.EXE	103
PID 2640 wrote to memory of 1672	2640	MSEDGE.EXE	447
PID 2640 wrote to memory of 1672	2640	MSEDGE.EXE	447
PID 2640 wrote to memory of 1672	2640	MSEDGE.EXE	447
PID 5156 wrote to memory of 2796	5156	MSEDGE.EXE	233
PID 5156 wrote to memory of 2796	5156	MSEDGE.EXE	233
PID 5156 wrote to memory of 2796	5156	MSEDGE.EXE	233
PID 2796 wrote to memory of 3864	2796	MSEDGE.EXE	106
PID 2796 wrote to memory of 3864	2796	MSEDGE.EXE	106
PID 2796 wrote to memory of 3864	2796	MSEDGE.EXE	106
PID 3864 wrote to memory of 3924	3864	MSEDGE.EXE	673
PID 3864 wrote to memory of 3924	3864	MSEDGE.EXE	673
PID 3864 wrote to memory of 3924	3864	MSEDGE.EXE	673
PID 5872 wrote to memory of 4660	5872	VLC MEDIA PLAYER.EXE	108

Views/modifies file attributes 1 TTPs 2 IoCs

defense_evasion

Hidden Files and Directories

T1564.001

pid	Process
5128	attrib.exe
5172	attrib.exe

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:3132
- C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
  "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2568
- - C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
    "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:3548
  - - C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
      "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Suspicious use of WriteProcessMemory
      PID:2640
    - - C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        5⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Modifies registry class
        Suspicious use of WriteProcessMemory
        
        PID:5156
      - C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        6⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Modifies registry class
        Suspicious use of WriteProcessMemory
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        7⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        Modifies registry class
        Suspicious use of WriteProcessMemory
        
        PID:3864
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        8⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        9⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        10⤵
        
        PID:5820
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        11⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        12⤵
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        13⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        14⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        15⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        16⤵
        
        PID:6044
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        17⤵
        
        PID:240
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        18⤵
        
        PID:5520
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        19⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        20⤵
        
        PID:5668
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        21⤵
        
        PID:4696
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        22⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        23⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        24⤵
        
        PID:4940
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        25⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        26⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        27⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        28⤵
        
        PID:5984
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        29⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        30⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        31⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        32⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        33⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        34⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        35⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        36⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        37⤵
        
        PID:5056
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        38⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        39⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        40⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        41⤵
        
        PID:4532
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        42⤵
        
        PID:4680
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        43⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        44⤵
        
        PID:4108
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        45⤵
        
        PID:5484
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        46⤵
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        47⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        48⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        49⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        50⤵
        
        PID:244
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        51⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        52⤵
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        53⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        54⤵
        
        PID:5980
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        55⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        56⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        57⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        58⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        59⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        60⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        61⤵
        
        PID:5632
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        62⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        63⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        64⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        65⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        66⤵
        
        PID:5432
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        67⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        68⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        69⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        70⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        71⤵
        
        PID:1896
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        72⤵
        
        PID:6012
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        73⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        74⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        75⤵
        
        PID:5240
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        76⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        77⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        78⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        79⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        80⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        81⤵
        
        PID:5404
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        82⤵
        
        PID:5468
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        83⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        84⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        85⤵
        
        PID:5900
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        86⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        87⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        88⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        89⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        90⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        91⤵
        
        PID:5980
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        92⤵
        
        PID:5128
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        93⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        94⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        95⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        96⤵
        
        PID:6040
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        97⤵
        
        PID:5324
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        98⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        99⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        100⤵
        
        PID:4172
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        101⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        102⤵
        
        PID:4304
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        103⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        104⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        105⤵
        
        PID:5280
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        106⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        107⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        108⤵
        
        PID:5680
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        109⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        110⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        111⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        112⤵
        
        PID:5712
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        113⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        114⤵
        
        PID:4268
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        115⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        116⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        117⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        118⤵
        
        PID:5920
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        119⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        120⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        121⤵
        
        PID:104
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        122⤵
        
        PID:228
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        123⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        124⤵
        
        PID:5528
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        125⤵
        
        PID:5532
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        126⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        127⤵
        
        PID:5376
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        128⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        129⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        130⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        131⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        132⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        133⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        134⤵
        
        PID:5468
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        135⤵
        
        PID:2400
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        136⤵
        
        PID:4952
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        137⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        138⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        139⤵
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        140⤵
        
        PID:1436
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        141⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        142⤵
        
        PID:2032
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        143⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        144⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        145⤵
        
        PID:1444
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        146⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        147⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        148⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        149⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        150⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        151⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        152⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        153⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        154⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        155⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        156⤵
        
        PID:5744
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        157⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        158⤵
        
        PID:5512
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        159⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        160⤵
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        161⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        162⤵
        
        PID:5300
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        163⤵
        
        PID:5944
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        164⤵
        
        PID:5292
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        165⤵
        
        PID:648
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        166⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        167⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        168⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        169⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        170⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        171⤵
        
        PID:5800
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        172⤵
        
        PID:6124
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        173⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        174⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        175⤵
        
        PID:5128
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        176⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        177⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        178⤵
        
        PID:5532
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        179⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        180⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        181⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        182⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        183⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        184⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        185⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        186⤵
        
        PID:5176
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        187⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        188⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        189⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        190⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        191⤵
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        192⤵
        
        PID:5520
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        193⤵
        
        PID:5904
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        194⤵
        
        PID:4668
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        195⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        196⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        197⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        198⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        199⤵
        
        PID:3820
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        200⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        201⤵
        
        PID:5940
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        202⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        203⤵
        
        PID:4748
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        204⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        205⤵
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        206⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        207⤵
        
        PID:5168
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        208⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        209⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        210⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        211⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        212⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        213⤵
        
        PID:5588
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        214⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        215⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        216⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        217⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        218⤵
        
        PID:5376
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        219⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        220⤵
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        221⤵
        
        PID:5692
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        222⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        223⤵
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        224⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        225⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        226⤵
        
        PID:5752
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        227⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        228⤵
        
        PID:4940
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        229⤵
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        230⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        231⤵
        
        PID:5664
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        232⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        233⤵
        
        PID:3208
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        234⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        235⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        236⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        237⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        238⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        239⤵
        
        PID:5400
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        240⤵
        
        PID:3092
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        241⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        242⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        243⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        244⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        245⤵
        
        PID:4464
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        246⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        247⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        248⤵
        
        PID:1140
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        249⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        250⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        251⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        252⤵
        
        PID:412
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        253⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        254⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        255⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        256⤵
        
        PID:5668
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        257⤵
        
        PID:6088
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        258⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        259⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        260⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        261⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        262⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        263⤵
        
        PID:4196
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        264⤵
        
        PID:5684
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        265⤵
        
        PID:5128
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        266⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        267⤵
        
        PID:1140
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        268⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        269⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        270⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        271⤵
        
        PID:5936
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        272⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        273⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        274⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        275⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        276⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        277⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        278⤵
        
        PID:4248
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        279⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        280⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        281⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        282⤵
        
        PID:484
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        283⤵
        
        PID:5632
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        284⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        285⤵
        
        PID:5252
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        286⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        287⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        288⤵
        
        PID:4232
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        289⤵
        
        PID:5360
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        290⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        291⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        292⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE"
        293⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        291⤵
        
        PID:5680
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        291⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        290⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        290⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        289⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        289⤵
        
        PID:648
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        288⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        288⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        287⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        287⤵
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        286⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        286⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        285⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        285⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        284⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        284⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        283⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        283⤵
        
        PID:124
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        282⤵
        
        PID:4240
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        282⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        281⤵
        
        PID:4180
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        281⤵
        
        PID:6092
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        280⤵
        
        PID:3104
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        280⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        279⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        279⤵
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        278⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        278⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        277⤵
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        277⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        276⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        276⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        275⤵
        
        PID:736
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        275⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        274⤵
        
        PID:4336
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        274⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        273⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        273⤵
        
        PID:5920
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        272⤵
        
        PID:5160
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        272⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        271⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        271⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        270⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        270⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        269⤵
        
        PID:4984
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        269⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        268⤵
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        268⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        267⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        267⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        266⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        266⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        265⤵
        
        PID:4328
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        265⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        264⤵
        
        PID:4240
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        264⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        263⤵
        
        PID:1896
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        263⤵
        
        PID:5428
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        262⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        262⤵
        
        PID:5468
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        261⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        261⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        260⤵
        
        PID:5204
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        260⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        259⤵
        
        PID:4508
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        259⤵
        
        PID:6112
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        258⤵
        
        PID:6036
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        258⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        257⤵
        
        PID:5164
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        257⤵
        
        PID:5424
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        256⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        256⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        255⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        255⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        254⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        254⤵
        
        PID:6052
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        253⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        253⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        252⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        252⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        251⤵
        
        PID:5880
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        251⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        250⤵
        
        PID:5300
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        250⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        249⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        249⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        248⤵
        
        PID:5172
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        248⤵
        
        PID:6064
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        247⤵
        
        PID:5364
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        247⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        246⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        246⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        245⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        245⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        244⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        244⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        243⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        243⤵
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        242⤵
        
        PID:1336
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        242⤵
        
        PID:1444
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        241⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        241⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        240⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        240⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        239⤵
        
        PID:564
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        239⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        238⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        238⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        237⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        237⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        236⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        236⤵
        
        PID:5376
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        235⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        235⤵
        
        PID:5736
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        234⤵
        
        PID:5780
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        234⤵
        
        PID:5392
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        233⤵
        
        PID:6116
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        233⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        232⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        232⤵
        
        PID:5908
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        231⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        231⤵
        
        PID:5956
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        230⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        230⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        229⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        229⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        228⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        228⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        227⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        227⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        226⤵
        
        PID:5684
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        226⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        225⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        225⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        224⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        224⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        223⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        223⤵
        
        PID:5148
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        222⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        222⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        221⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        221⤵
        
        PID:5936
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        220⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        220⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        219⤵
        
        PID:5196
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        219⤵
        
        PID:5380
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        218⤵
        
        PID:5864
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        218⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        217⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        217⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        216⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        216⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        215⤵
        
        PID:5252
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        215⤵
        
        PID:5288
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        214⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        214⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        213⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        213⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        212⤵
        
        PID:6044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        212⤵
        
        PID:5444
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        211⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        211⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        210⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        210⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        209⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        209⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        208⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        208⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        207⤵
        
        PID:5776
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        207⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        206⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        206⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        205⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        205⤵
        
        PID:1032
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        204⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        204⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        203⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        203⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        202⤵
        
        PID:5180
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        202⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        201⤵
        
        PID:5840
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        201⤵
        
        PID:5716
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        200⤵
        
        PID:5864
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        200⤵
        
        PID:3860
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        199⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        199⤵
        
        PID:5944
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        198⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        198⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        197⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        197⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        196⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        196⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        195⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        195⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        194⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        194⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        193⤵
        
        PID:3692
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        193⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        192⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        192⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        191⤵
        
        PID:3168
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        191⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        190⤵
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        190⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        189⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        189⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        188⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        188⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        187⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        187⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        186⤵
        
        PID:5336
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        186⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        185⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        185⤵
        
        PID:5344
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        184⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        184⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        183⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        183⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        182⤵
        
        PID:5900
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        182⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        181⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        181⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        180⤵
        
        PID:124
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        180⤵
        
        PID:5664
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        179⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        179⤵
        
        PID:5660
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        178⤵
        
        PID:5784
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        178⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        177⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        177⤵
        
        PID:5684
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        176⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        176⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        175⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        175⤵
        
        PID:744
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        174⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        174⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        173⤵
        
        PID:5228
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        173⤵
        
        PID:4556
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        172⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        172⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        171⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        171⤵
        
        PID:4888
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        170⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        170⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        169⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        169⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        168⤵
        
        PID:5424
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        168⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        167⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        167⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        166⤵
        
        PID:5272
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        166⤵
        
        PID:5996
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        165⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        165⤵
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        164⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        164⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        163⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        163⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        162⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        162⤵
        
        PID:5200
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        161⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        161⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        160⤵
        
        PID:992
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        160⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        159⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        159⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        158⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        158⤵
        
        PID:4516
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        157⤵
        
        PID:4108
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        157⤵
        
        PID:788
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        156⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        156⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        155⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        155⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        154⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        154⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        153⤵
        
        PID:4508
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        153⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        152⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        152⤵
        
        PID:5468
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        151⤵
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        151⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        150⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        150⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        149⤵
        
        PID:5924
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        149⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        148⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        148⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        147⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        147⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        146⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        146⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        145⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        145⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        144⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        144⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        143⤵
        
        PID:5532
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        143⤵
        
        PID:4520
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        142⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        142⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        141⤵
        
        PID:5904
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        141⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        140⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        140⤵
        
        PID:5244
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        139⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        139⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        138⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        138⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        137⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        137⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        136⤵
        
        PID:5920
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        136⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        135⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        135⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        134⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        134⤵
        
        PID:5076
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        133⤵
        
        PID:5524
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        133⤵
        
        PID:6040
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        132⤵
        
        PID:1104
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        132⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        131⤵
        
        PID:796
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        131⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        130⤵
        
        PID:5324
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        130⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        129⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        129⤵
        
        PID:5496
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        128⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        128⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        127⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        127⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        126⤵
        
        PID:4200
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        126⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        125⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        125⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        124⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        124⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        123⤵
        
        PID:3044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        123⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        122⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        122⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        121⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        121⤵
        
        PID:5656
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        120⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        120⤵
        
        PID:5272
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        119⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        119⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        118⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        118⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        117⤵
        
        PID:4676
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        117⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        116⤵
        
        PID:4176
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        116⤵
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        115⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        115⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        114⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        114⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        113⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        113⤵
        
        PID:5300
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        112⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        112⤵
        
        PID:3176
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        111⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        111⤵
        
        PID:5672
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        110⤵
        
        PID:5252
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        110⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        109⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        109⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        108⤵
        
        PID:4504
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        108⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        107⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        107⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        106⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        106⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        105⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        105⤵
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        104⤵
        
        PID:5368
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        104⤵
        
        PID:5880
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        103⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        103⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        102⤵
        
        PID:5832
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        102⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        101⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        101⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        100⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        100⤵
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        99⤵
        
        PID:5984
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        99⤵
        
        PID:5404
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        98⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        98⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        97⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        97⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        96⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        96⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        95⤵
        
        PID:5252
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        95⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        94⤵
        
        PID:5776
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        94⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        93⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        93⤵
        
        PID:5636
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        92⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        92⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        91⤵
        
        PID:5448
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        91⤵
        
        PID:5868
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        90⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        90⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        89⤵
        
        PID:5196
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        89⤵
        
        PID:5412
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        88⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        88⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        87⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        87⤵
        
        PID:5388
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        86⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        86⤵
        
        PID:6132
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        85⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        85⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        84⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        84⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        83⤵
        
        PID:5424
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        83⤵
        
        PID:1428
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        82⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        82⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        81⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        81⤵
        
        PID:5632
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        80⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        80⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        79⤵
        
        PID:5876
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        79⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        78⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        78⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        77⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        77⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        76⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        76⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        75⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        75⤵
        
        PID:3692
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        74⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        74⤵
        
        PID:5656
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        73⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        73⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        72⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        72⤵
        
        PID:4492
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        71⤵
        
        PID:3908
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        71⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        70⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        70⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        69⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        69⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        68⤵
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        68⤵
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        67⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        67⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        66⤵
        
        PID:4508
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        66⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        65⤵
        
        PID:1428
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        65⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        64⤵
        
        PID:4320
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        64⤵
        
        PID:1892
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        63⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        63⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        62⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        62⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        61⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        61⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        60⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        60⤵
        
        PID:5744
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        59⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        59⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        58⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        58⤵
        
        PID:6068
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        57⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        57⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        56⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        56⤵
        
        PID:1180
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        55⤵
        
        PID:2696
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        55⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        54⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        54⤵
        
        PID:4304
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        53⤵
        
        PID:5880
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        53⤵
        
        PID:4260
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        52⤵
        
        PID:5916
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        52⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        51⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        51⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        50⤵
        
        PID:5288
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        50⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        49⤵
        
        PID:6092
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        49⤵
        
        PID:5300
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        48⤵
        
        PID:5468
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        48⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        47⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        47⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        46⤵
        
        PID:740
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        46⤵
        
        PID:5024
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        45⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        45⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        44⤵
        
        PID:3692
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        44⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        43⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        43⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        42⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        42⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        41⤵
        
        PID:5988
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        41⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        40⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        40⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        39⤵
        
        PID:5996
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        39⤵
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        38⤵
        
        PID:5700
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        38⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        37⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        37⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        36⤵
        
        PID:72
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        36⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        35⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        35⤵
        
        PID:124
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        34⤵
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        34⤵
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        33⤵
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        33⤵
        
        PID:6116
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        32⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        32⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        31⤵
        
        PID:3924
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        31⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        30⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        30⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        29⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        29⤵
        
        PID:1204
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        28⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        28⤵
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        27⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        27⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        26⤵
        
        PID:5456
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        26⤵
        
        PID:6020
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        25⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        25⤵
        
        PID:5208
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        24⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        24⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        23⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        23⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        22⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        22⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        21⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        21⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        20⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        20⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        19⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        19⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        18⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        18⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        17⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        17⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        16⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        16⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        15⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        15⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        14⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        14⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        13⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        13⤵
        
        PID:5388
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        12⤵
        
        PID:5260
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        12⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        11⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        11⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        10⤵
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        10⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        9⤵
        
        PID:5748
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        9⤵
        
        PID:3168
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        8⤵
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        8⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        7⤵
        
        PID:440
        
        C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        7⤵
        
        PID:6092
      - C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        6⤵
        
        PID:4176
      - C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        6⤵
        
        PID:4900
    - - C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
        5⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:4908
    - - C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
        
        "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
        5⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1672
  - - C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
      "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:684
  - - C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
      "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:5072
- - C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
    "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
    3⤵
    - Executes dropped EXE
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of SetWindowsHookEx
    PID:5080
- - C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
    "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    PID:4412
- C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE
  "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE"
  2⤵
  - Modifies WinLogon for persistence
  - Executes dropped EXE
  - Adds Run key to start application
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:5872
- - C:\Windows\SysWOW64\cmd.exe
    "C:\Windows\System32\cmd.exe" /k attrib "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE" +s +h
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:6048
  - - C:\Windows\SysWOW64\attrib.exe
      attrib "C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE" +s +h
      4⤵
      Sets file to hidden
      System Location Discovery: System Language Discovery
      Views/modifies file attributes
      PID:5128
- - C:\Windows\SysWOW64\cmd.exe
    "C:\Windows\System32\cmd.exe" /k attrib "C:\Users\Admin\AppData\Local\Temp" +s +h
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:4868
  - - C:\Windows\SysWOW64\attrib.exe
      attrib "C:\Users\Admin\AppData\Local\Temp" +s +h
      4⤵
      Sets file to hidden
      System Location Discovery: System Language Discovery
      Views/modifies file attributes
      PID:5172
- - C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
    "C:\Users\Admin\Documents\MSDCSC\msdcsc.exe"
    3⤵
    PID:4660
- C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE
  "C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE"
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - Checks whether UAC is enabled
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  PID:1640

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
- Suspicious use of WriteProcessMemory
PID:648
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:4848

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
- Suspicious use of WriteProcessMemory
PID:3692
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:5116

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Program Files (x86)\TCP Subsystem\tcpss.exe
1⤵
PID:5960

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:5868
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:3524

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:5408
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:1388

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:2228
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:4696

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:4104
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:3588

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:5872
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:3788

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:5636
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:5340

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
1⤵
PID:4956
- C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  C:\Users\Admin\Documents\MSDCSC\msdcsc.exe
  2⤵
  PID:5004

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Winlogon Helper DLL

T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Winlogon Helper DLL

T1547.004

Defense Evasion

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\MSEDGE.EXE

Filesize
567KB

MD5
cf1cd7f520bbd4aff4a51f3dd176ebdf

SHA1
8aee2f95eb2b4a33e2e2ac1c917233a81fe2c6bc

SHA256
c63b71399802b4e604af2072be8478de196ff17458567af2932efd63a2cf2641

SHA512
3cc448705fb22f1189382c3f7cf101cad0ecbb745847b5c1084f1a9eb8f974b1f0ceb3a15e7b20c220a60d3ab0a28db2de2bebe8c54676fee61d358d7bd62415

Download Submit
C:\Users\Admin\AppData\Local\Temp\VLC MEDIA PLAYER.EXE

Filesize
251KB

MD5
42aee8a3fe46b4306bde92679a6d24f4

SHA1
f64851cba8882ba2629764458da5cff979a4ac7b

SHA256
2411aa77881e33b2d19e58b26c37fd93383e9fff1a3d0c3548272d9ea5b0a837

SHA512
3b024e18421464f8d37b4c028b485fafa8eef0bb762d35e1137c2e33b11c009e7cd10dc14335bdf91807253230d8239b753f277d3465bb7ef8a15a3aad9a7f88

Download Submit
C:\Users\Admin\AppData\Local\Temp\WINDOWS SECURITY NANO.EXE

Filesize
209KB

MD5
172214b69dfbf053c83ff8e6b70842bc

SHA1
02e321757925f21b18c96d2e23d6e9a755df59ab

SHA256
da01598ba05a9467fa7cf76d9d212df75886eeeea30a633654dcdf29d8be90d9

SHA512
6b02e7dffd64a8cc7b83e7dcbfbd8d4dfb99f7cc13d5056ffb00efb51f7cf0431bb270b8afa394dbeb4e7b3558261c0ea6bd3a542bd82afd9fbc9c5227f83a42

Download Submit
memory/72-187-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/72-185-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/416-184-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/440-77-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/440-79-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/684-46-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/684-49-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/740-213-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/964-207-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/964-208-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1044-82-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1044-171-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1044-90-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1388-219-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1388-217-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1516-141-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1516-143-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1640-86-0x0000000073860000-0x0000000073E11000-memory.dmp

Filesize
5.7MB

Download
memory/1640-32-0x0000000073860000-0x0000000073E11000-memory.dmp

Filesize
5.7MB

Download
memory/1640-29-0x0000000073861000-0x0000000073862000-memory.dmp

Filesize
4KB

Download
memory/1700-99-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1700-108-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1912-166-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1980-198-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/1980-200-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2068-124-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2068-122-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2192-112-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2192-114-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2216-189-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2296-220-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2296-222-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2356-158-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2356-156-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2612-167-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2612-169-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2768-102-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2768-111-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2796-216-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2796-214-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2960-174-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/2960-172-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3404-135-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3404-137-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3456-118-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3488-229-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3524-149-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3624-180-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3624-182-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3692-211-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3692-209-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3868-132-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3868-128-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3924-176-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4136-203-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4136-205-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4176-75-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4548-179-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4548-177-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4596-146-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4596-144-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4656-163-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4656-161-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4660-66-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4848-41-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4864-236-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4908-59-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4908-56-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/4964-155-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5080-37-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5080-87-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5116-54-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5116-51-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5136-153-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5260-92-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5260-88-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5288-231-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5312-140-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5320-192-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5320-190-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5456-160-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5468-225-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5468-223-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5700-193-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5700-195-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5748-104-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5748-98-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5872-28-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/5872-22-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5872-71-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5880-233-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5880-235-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5916-232-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5988-202-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/5996-197-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/6000-151-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/6000-147-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/6092-227-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download