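Техническая информация
(Подзаголовки разделов в этой копии утрачены. Строки с путём в кавычках — запускаемые командные строки; далее идут списки путей к файлам, и повторяющиеся пути, по-видимому, относятся к разным операциям: создание, затем удаление. Вызовы wmic сохраняют версию и серийный номер BIOS во временный файл.)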
- '%TEMP%\bbcabfbbeg.exe' 5-2-6-1-1-8-1-4-7-2-8 [продолжение командной строки вырезано при обработке текста]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420111385.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420111385.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420111385.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsr2.tmp\bvc.dll
- %TEMP%\insHv3.bbcabfbbeg
- %TEMP%\bbcabfbbeg.zip
- %TEMP%\insHv3.exe
- %TEMP%\nsr2.tmp\nsisunz.dll
- %TEMP%\81420111385.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bbcabfbbeg.zip
- %TEMP%\insHv3.bbcabfbbeg
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- из %TEMP%\insHv3.exe в %TEMP%\bbcabfbbeg.exe