Техническая информация
- '%TEMP%\bhcabfcbff.exe' 6-4-0-7-3-7-4-3-1-0-6
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420757528.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81420757528.txt bios get serialnumber
- %TEMP%\tmp5.tmp
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\81420757528.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp4.tmp
- %TEMP%\bhcabfcbff.zip
- %TEMP%\insHMad.bhcabfcbff
- %TEMP%\tmp3.tmp
- %TEMP%\insHMad.exe
- %TEMP%\81420757528.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bhcabfcbff.zip
- %TEMP%\insHMad.bhcabfcbff
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- из %TEMP%\insHMad.exe в %TEMP%\bhcabfcbff.exe