Техническая информация
- '%TEMP%\ahabcabfbbbc.exe' 9-8-2-0-3-9-7-4-1-3-6 JkhHRDonGStSUjxHQUI9LRcoSkRRUUZKSUlBNCkcLkFDSkxHRDonGStCRj40KB4vTUlIQFRATlZBQj0tFyhPRE9QPEpdVU9DNmRzcWoxJy1zYmlvKnNlXyRZbnAqW1pwYCtjZV5tICw6RUVCSEM7NR4vQSg2KTAdKTsqOy0uFyhAMjonKBgtRDE0Ji0fLD4sNSsxHSZJTk5BTzpMXVBPQE89QlY3FydOUkw7Tj9TXD9MRD89HSZJTk5BTzpMXU4+RD45Hyw/Tz1dVU9DNhwuQlI8V0FNQUNCSkQ6GiZATVNRVjtOTlRNPEo7Mh0mTURAS0VQR1NfUklFOR8sUEQ1MCAsO0wtPB0pSU1MVEZEPltWQkY6R0tFRkQ6Q0RSTEM1Hi9GSlhOVEtOQEVDPXFpbmEfLEw8TFNSS0BHQ15STTxKXUQ+UEw5MR0pP0FCRVU0KhwuRk1WPFdOPkRCP15CSDpKV1BRPD05ZV5mal0eL0FGUEpLTDs7V0dQOigrMy0tKCcmLyAsS0JJRDorKyouNi8wMTMyHSk7R1VOSUY6QF5RQ0Q9OzA0JiktLi8qKC0oMS4xKzA5MC0=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420645031.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420645031.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420645031.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsg2.tmp\jjff.dll
- %TEMP%\insHv3.ahabcabfbbbc
- %TEMP%\ahabcabfbbbc
- %TEMP%\insHv3.exe
- %TEMP%\nsg2.tmp\nsisunz.dll
- %TEMP%\81420645031.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv3.exe в %TEMP%\ahabcabfbbbc.exe