Техническая информация
- '%TEMP%\cbbcabfeacd.exe' 5-5-4-2-1-4-3-6-3-7-4 KktFQjwtNi8yGStOUD5OSEA6Kh0oSkBPU01RR0Y+OiocKj9FUVNFQTcuMDQtGytBSEA6Kh0oTE1KQFNCUFxDQTYtMistHi5PQkxTPk5aUE5KPGRxbm0zKypuYXB1KnFiYiZda2spYmBwXihmZ2JqGytBS0VARUY9ORsqQC88LTIzMCw0GypAMDwwNCsdKEAuOCkvHytBLjomLRsqQDM8KS4aLElOSj9RQVNbTUxGTz0+VDkeLkxPSUFOP09aQVNLPToaLElOSj9RQVNbSztKPjk8X2tgZCEvKk9eXV9gbh4uQVU/XE5ORzhkcnNsNyksWm5fanNsa2teXitaYGpdYSxia2opbW5eKlxgbWFhLGxiWmBgbSt1aGosKy4ndCosLSwvKi0xLF5qWlBPLUBgX19PXW4sLCwuNltiaFxOTylgdGMfK0JSQlg/SD9IR01BOhosQUtOT1tAUUtUTUJLOS0bK1JHPUtFVkhRWlBOSjxkcW5tMysqcnN1LWxsbXFda3JpaG1gYCtoYm0ra2pucmBoLGxiXWVtYF9yLWxlajxiYDhsYmIyMy4xcmQuYGc0YGZyM2RoXzJhMy9iaWQ2ay9pMmQscGNkLjIxMjJvbmVtamowc1wtJiwsYC5kY2AwMWMvLyswNDUzXzIzX1o0KzNiZDMvLWBgH2A4X2t1bWhsW2FeXW5gKmxkcCNqOjpgal1hIzEsT19eXWFtIWxnYzkwGixPSTgtHC1DTy43HShOUElQR0xBXFFCRT9KSEFHTD1EP1JLSDgbK0dSW09PS01FSEA5cnFxYhosS0FPUE5MSEpEWVJMQU1aQD9YTzosHShERD9BVjwtHSlGTFs/VEo/TEVAWUJHP01UTFJEQDpgXmVvYBsrQk5TS0ZMOkBaREw7Ni0rKzMpKjEzKjE4HCxORkZBOCwwMDIyMCouKzMbKkBNVkpJST
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81428110884.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81428110884.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsh2.tmp\ice.dll
- %TEMP%\rc25.cbbcabfeacd
- %TEMP%\cbbcabfeacd.zip
- %TEMP%\rc25.exe
- %TEMP%\nsh2.tmp\nsisunz.dll
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp5.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\rc25.exe в %TEMP%\cbbcabfeacd.exe