Техническая информация
- '%TEMP%\bfcabfcebeb.exe' 3-9-6-8-8-9-9-6-7-7-1 LEdDPDUpLjEwGS5QTDxIQTs0KhkoTUJLUUdKQkA+NikfLDtDS0xAOzcrLjIxLRonO0A7NykZLk1JSTxNOktZQj08Li0zLBgmSj9LT0RPVk9KRDRfbm1pOSwmbV1qbSVuYV4sXmdqJVxYa1snYm1jZhonO0NAPURCQzouMiwoLywwLzEwMSkqLC8vLjEvGS5BKDcpGCY7LDYmMB0mPis1JCgaKD0zOiQrGCc7LDcmKh8sR0xHPEw6TlhJUUZNOztRNBcpSUtOQUw9TFc8TEY6Nh8sR0xHPEw6TlhHQEo8NxgnPE8/WE5RSTQaJz1PPFk8RkNJQEg9NRcmQkhMU1w5TEdPSjxMNiwfLEtCOUZCUElOWFRPQzcYJ01ENysZLkFKKzUYJklPR01ISjxZTz1DOklGPkhKOEE9TUlDNxkoSFBWTE1GS0BHPjZzb2xfGCdJPE5OS01GRUFXTUo8TFg9QFZKNyoYJj9DPT5XOigaJ0FKVj5SR0BKQD1XPUU6TFJJU0I7N15ZY2pfGShDTE5IREc4O1lCSTwxLSgpMC8lLyknMDMrGidMQEQ/NiozLycuLzAuLjAZKENMTkhERzg7WU1CTEI0KyctJikqKi4pMjEsLjIoLSRJRg==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420491123.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420491123.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420491123.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsl2.tmp\kkss.dll
- %TEMP%\insHv10.bfcabfcebeb
- %TEMP%\bfcabfcebeb.zip
- %TEMP%\insHv10.exe
- %TEMP%\nsl2.tmp\nsisunz.dll
- %TEMP%\81420491123.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bfcabfcebeb.zip
- %TEMP%\insHv10.bfcabfcebeb
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHv10.exe в %TEMP%\bfcabfcebeb.exe