Техническая информация
- '%TEMP%\cld.exe' 6-2-2-1-9-6-6-5-7-9-0 KU5HQzQqGipMTEJKR0I8JxopST5LV0lQSUg7NyobKDtJTVJHQzQqGio8QEQ3Lh4uR0xJP046VFlHQjwnGilOPklWP1BdVElGN2Nta3A0LS1yXGxwKW1fZSdfbm8kXltvWiVpaGRtHyY9RkQ8Qkk+Ox4uOys3KCoXLz4wOywoGik/LDQtKx4tQys3JywZJkQvOyswFylKTUg7VT1SXU9JQ1A8PFA9Gi1OUUY+Tz5NVkVPSj88FylKTUg7VT1SXU04Rz84GSZFUkNdVElGNxsoPFg/XUFMO0ZDST40IClGTVJLWTxNSE5TP1A7MRcpTkM6RUtTTVNeTExGOBkmVENLQzwoLis0MioyLzUzHyZQRzgrFy8+US88FylMUEdLSUdDXVY8Rj1KRjxJRz9FRExMRjgZJklNXVBURU5DSD40dGxzYx8mTD9PTklOQ0xFXkxNP01YO0FTUTsxFylCRD08WDcvHi5ATVk/UkVBR0dBXjxIPU1SR1Q/QjtlWGZtYBkmRElVTEtGOz5aTUBNPzsxLyYrLCorJzEuKC44MS4sNS4sIClCTVZFRkk8PVZJSjsvMS4oKikpJTE=
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81419946027.txt bios get version
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81419946027.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81419946027.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nso2.tmp\aal.dll
- %TEMP%\insHv3.cld
- %TEMP%\cld.zip
- %TEMP%\insHv3.exe
- %TEMP%\nso2.tmp\nsisunz.dll
- %TEMP%\81419946027.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\cld.zip
- %TEMP%\insHv3.cld
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHv3.exe в %TEMP%\cld.exe