Техническая информация
- '%TEMP%\aeabcabfbbbc.exe' 4-5-9-5-2-5-1-1-1-5-1 K0tAPzsrHy5SUEFMRDs4LhsuTURPVktNQkRCOC8fLj9IT09APzsrHy5CREM5KxcqTk1OQ1Q+U1tEOzguGy5SRE1VQU1WUFBHPGdzb282KiZuY211LXNjZClcZ2srX2BzYCloamFmGy0+S0hCRkhAOBcqQiw8LDAbLkAtNCgvGy5DMjgsLRsmPzI4LDAfKkMxOCQsHipPUU4/VD9PVktQRFVAQlQ8HCpHTU0/VEJTWkRRRzg4HipPUU4/VD9PVkk/SEQ8HypEVEBWUFBHPB8uQFdBWjpIQkdITUQ4HytDRk5SWkFRTlJSQU00LR4qU0dASUpVSkxaU01LPB8qU0VIPDgvLzEvMjA4MTEwGy1RTDwxGy5ATig4HipRVE1PSElAVlJDR0JOTEBISTw+QFNNSzwfKkhPWklQTE9ITEQ4c25wXBstTURTVE1NRUk+WlNORFFeP0BVTjQtHipHSENAVzksFypHTl5DWElASUQ6WkNJQlFYS1NBPzRhX2dyZB8qQ0tSRUdNPENeU0RMQTgnLy0rMC4xKzAxJSczOCw4OTE0Hys/RlJMR05AQ1pITDgoLTUpLy0vKTA=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420374548.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420374548.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420374548.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsl2.tmp\llff.dll
- %TEMP%\insHv3.aeabcabfbbbc
- %TEMP%\aeabcabfbbbc.zip
- %TEMP%\insHv3.exe
- %TEMP%\nsl2.tmp\nsisunz.dll
- %TEMP%\81420374548.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\aeabcabfbbbc.zip
- %TEMP%\insHv3.aeabcabfbbbc
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHv3.exe в %TEMP%\aeabcabfbbbc.exe