Техническая информация
- '%TEMP%\cld.exe' 7-7-6-8-2-6-3-2-6-8-5 KElDPDsqHS1NTT1JQj41LhosTD9MUkhLRUFCNy0eKTxETE1DPDsqHS09QT82KRonTkxMQk87T1hCPjUuGixRP0pRPktZTVBGOmZubGszKClrY2xzLG5gYCZaamgrXl5yWyZkZ19pGC09SUc9Q0Q9NhonQis6Ly4oLBkoPio7Jy4eKTwuNiYrGC0+MTsnKRsoPS81KysdLUpKSj1OPUxdSk9HUDk+UjYaJ05MTEJPO09YPk9EPzcdLUpKSj1OPUxdSD5LPzUbKD5SPV1PT0o3GCo+UT9XQUdBSkNGQDYZKUBNTVFdPEpKUEw/SjsqHS1OQDxHRFNHU1lSUEY1GyhNQ0VDNy4yLCgrMSwvMTYaLFRHNS0ZKD5LLzcdLUxNSU1CRz1dUUJKPUdIPkJHOUU/UlBGNRsoQk1XUE9LUkNFQDZtbG1jGixQP0xQS0dDRkVZUlE/Slo9OlNLOywdLUJBPz5RNykeKUZRWTxURzpHQUFZQkw9SlRJTT88O2Beam1dGyg9SU9MRkw/PldPQkY/NS8pLi0sKCwuIy0yMTM3MzIiPEYZKTxNUUtKSTk/WEJKNTMoNiwrKDInLDI=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420095842.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420095842.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420095842.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nss2.tmp\bvc.dll
- %TEMP%\insHMroi.cld
- %TEMP%\cld.zip
- %TEMP%\insHMroi.exe
- %TEMP%\nss2.tmp\nsisunz.dll
- %TEMP%\81420095842.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\cld.zip
- %TEMP%\insHMroi.cld
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHMroi.exe в %TEMP%\cld.exe