Техническая информация
- '%TEMP%\bcbjcabedghd.exe' 7-9-0-7-9-6-5-9-6-6-2 KEdJPTQsLioaKVFOOVBCOzcrFylIQ01OT0tCQz80KhotPUBTTUA+OCkuMC4qFy88QD44JxopTktGRE46TlpAPjcvLzA0GSZNQElQP1BYTFJFNGJva2o0LShqZWttKG9fXydfaWctXVhuXCVjaGRoFy88Q0M+QkM+OyknNSsoKzQwMCovMCoxLSgwMC0tMR4oOzE2RU9IOT9MKiknNSsoKzQwMBotPSk9JigaKjstNysqFy89KzcoKBopQi40LSoXKUtJST5TPEtfSUlDUTg9UzsZJlBLRj5QOk5ZQ05DQTYXKUtJST5TPEtfRzhHQDQaKUNRPF9OSUY4Fyk/Vj5WQ0Y7RkRFPzceKD9PTEtZPUlJUVE+ST0rFylPPztISVJGVVhMTEc0GilSQkRFNiguLC8zLy4pJzcZJlBINCwaLT1KMTYXKU1MSE5HRjxfUDxGPkZHP0dGOEc+TExHNBopR0xWUk5FTkREPzdya2xlGSZMQEtPTExCRUdYTE1ASVk+P1JKPSsXKUNAPj9WNiggKEBNWjtTSD9GQENYPEg+SVNKUj47PV9YZm5cGilCSE5ORUY7P1ZOQ0s+NDErJis0JiwqLy0hMSsxLjExLjEoOkQgKDtJUkVGST89VklJNCszLSgsMColMSkrKC0pMA==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420464243.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420464243.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420464243.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsa2.tmp\ccf.dll
- %TEMP%\insHv21.bcbjcabedghd
- %TEMP%\bcbjcabedghd.zip
- %TEMP%\insHv21.exe
- %TEMP%\nsa2.tmp\nsisunz.dll
- %TEMP%\81420464243.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bcbjcabedghd.zip
- %TEMP%\insHv21.bcbjcabedghd
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHv21.exe в %TEMP%\bcbjcabedghd.exe