Техническая информация
- '%TEMP%\bcdbcabebbcca.exe' 0-5-8-0-8-9-1-4-0-7-5 […]
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420019648.txt bios get version
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420019648.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420019648.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsp2.tmp\aal.dll
- %TEMP%\insHv3.bcdbcabebbcca
- %TEMP%\bcdbcabebbcca.zip
- %TEMP%\insHv3.exe
- %TEMP%\nsp2.tmp\nsisunz.dll
- %TEMP%\81420019648.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bcdbcabebbcca.zip
- %TEMP%\insHv3.bcdbcabebbcca
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- из %TEMP%\insHv3.exe в %TEMP%\bcdbcabebbcca.exe