Техническая информация
- '%TEMP%\bbecabfgcgj.exe' 8-5-1-8-1-8-1-0-9-6-2 J0tIPDwpNzAvLB4nTlQ6T0FDPScaLUZAU09OSkpJOzcvGCpDQVJMSEQ0LDIwLTgYLjtIRDQqHidLUUdDTUJUVkNCNS0yKjAvHy9KP1BOQFFXVEpLPV9ucmg1LidyXXF2JW5mXShgaG8lY2FrWyxhaWVnHydCTEA9SUE/PBguPDA9JCseJz8xNSwpHy87LTslLB8nQyw8LSgaLTwwPCUwGC5QSUlCTT5TV09KSFY4PVc1Gy5IUUdDVTpOXT1QSzk8GC5QSUlCTT5TV005TEU0UWdmX25vch0xMENjdF0gMShMXXJzXGhlXW0fJ0RQRF9MTEo1Y3NsbzIuL2dgLFxnYm5obC1jZmctayoxJzQnaGRnYCtaYGZhbWgvMSd0LjA0NSw0KWUxKyo3LjQwKzMtN2MtXTJdLjBcZFxkOCsnbW1vLC0zWjU3MFtfLi81XjcvLTEoMS8xLy8tLGVyaVwnZ1xrZScxLTIwMCc0LywzLTgldmllXm1vbixkaG5kLWRfcWtgbV9kai1lb18eJ0BXPV47TERDQ0w9OB8nR0dSVFY8UEdSUj1RNS8gJk5GOUlKUU5NXlVJRjtgb3NoOScudF9bbGNuLVpkX2huJWpwZypoZmNddy5nYm43X2w1bF1yc1xoZV1tLVpkX2huJWpwZyFvY3Y1QUU+Q0xITU4eb188V2BoYmdych0xKEtpbV8jKitMXXJrZG5eX3AeamY1Qz0sU0ZAUh5vcVtqYWM9JyBfXmFoXDwoJWtuNy4ea2xcNDUlaWVtcllna11xNTggJlBLNS0fJ0NLMD05P0VBSU8oMChZMC8zNCwwMF4wLC85LTMvKy80MGIuYjRcLS9cYGNdNywfL0lPTExETD1eT0RMOklLPURMOUY9VFJDNx4nRFJXUU1NVEBHQzVvcW1kGC5SPE5TSklIRkZXVFM8TF08PFhLPCofLz
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421257453.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81421257453.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsr2.tmp\raw.dll
- %TEMP%\insHv47.bbecabfgcgj
- %TEMP%\bbecabfgcgj.zip
- %TEMP%\insHv47.exe
- %TEMP%\nsr2.tmp\nsisunz.dll
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\insHv47.exe в %TEMP%\bbecabfgcgj.exe