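Техническая информация
(Заголовки разделов в этом фрагменте не сохранились. Судя по содержимому, первые четыре строки — командные строки запускаемых процессов, далее идут списки путей к файлам, а последняя строка описывает перемещение файла.)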
- '%TEMP%\bcdbcabecbfh.exe' 9-3-8-5-8-5-2-4-8-7-1 Jk1BPzUsLzQsGS5KUjpLQT87LBgoTTxRT0pKRkdANSofJkFBTkxEQjkpLjEnMxgqO0RCOSgZLkdPRz9NPlJbQT08KTQrMRgqUUFKT0RJXE1NRDhmcGxpOSYsa2BqcSxwYF4sWG1oKFxccl0mYm1dbBgqO0dHP0NCQzQvKi0pNDMvMRkuOy41KCkbLUAqNiwoHSc/KzgrLRgoQys6JSwYKkIxNSYwFyxITUc/Uz9MWE9JRk48O1Q7HCdJUUZBTT5MWkNRRDo8FyxITUc/Uz9MWE04Sj04GCpDVD1YVElJNRsnQFZBVzxMO0lBST04HitASFJLXDpNR1JRQUo2LxcsTEM5SUlVR05eTE9EOBgqUkVFPjwoMSorKCwzMissHyZTRTgqGy1ASyo8Li4uLykxHitKTk1LRkVAV1JDSDtITDxGRTw/QFNORDYfJkZLWkpQTFBBRkQ0cWpwXRstTj1NVElLQUk/WlNPPUteOz5RTjUtHitAQkM8VTUsGCpHT1c9WEU+RUQ7WkNKO0tYR1E9PzVhX2hrXh8mQUdSRkdNPTxYU0BKPTgpLS0vKSgxJy4sJTA1MjMyKjIhPkUbJz9NU0ZFTjhBV0RIOC80LSc3JS8rMyYtLw==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420027508.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420027508.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420027508.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsv2.tmp\aal.dll
- %TEMP%\insHMad.bcdbcabecbfh
- %TEMP%\bcdbcabecbfh.zip
- %TEMP%\insHMad.exe
- %TEMP%\nsv2.tmp\nsisunz.dll
- %TEMP%\81420027508.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bcdbcabecbfh.zip
- %TEMP%\insHMad.bcdbcabecbfh
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- из %TEMP%\insHMad.exe в %TEMP%\bcdbcabecbfh.exe