Техническая информация
- '%TEMP%\bhcabfdbff.exe' 6-4-0-7-3-7-4-3-1-0-6 …
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420756868.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420756868.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81420756868.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsf2.tmp\jjff.dll
- %TEMP%\insHMroi.bhcabfdbff
- %TEMP%\bhcabfdbff.zip
- %TEMP%\insHMroi.exe
- %TEMP%\nsf2.tmp\nsisunz.dll
- %TEMP%\81420756868.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bhcabfdbff.zip
- %TEMP%\insHMroi.bhcabfdbff
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- из %TEMP%\insHMroi.exe в %TEMP%\bhcabfdbff.exe