Техническая информация
- '%TEMP%\bhcabfebee.exe' 2-5-7-0-3-3-4-4-4-2-1 LUtCRDovMzMzHi5RUDtQRkE5LBwtTUNPUE9PSEVAOS4fLT9CU1FGQDkuMy82NBkvQEZAOSweLk5NSERSQFBbRUI8LzEyNB0sT0FOVERQWk5SSTpkcHBuOS0qbGVvcypwZGMsX2tpLWFecF0qZ21kahkvQElFP0dHQzswKzg2NC80MC4wMi0pNjAxLjAsHi5CLDYxHSxALjkrMB4qPTM6Ki0cK0IzOygqICxBMTkpLx8tS0tPQVI/UFtOUUdROkNWOhwrTFBOQlA8VFxCUUg9Ox8tS0tPQVI/UFtMQEtANiAsQlRBW1NRSjgZL0JVQVs/S0NKREdFOh0rREtRU109S09UUEFOOTAfLU9BQUtIVUtRXVRQRzYgLFNJOS4eLkJOKj0dLE5RSlJIS0BYV0JJP0tJQ0hLPEBFUk9IORwtSFFaS1VLUUVJQTtzcHBeICxPQVBRUE1HSUBfUlBBTltCQFdONjIdLERFQENXOywZL0ZQW0BVTEBLRDxfQks/TlVOU0M/NmZeaW9hHC1DTVJHTEw+QFtFTjwxLCcxMDIqLS42LS8xGS9RRklBOS8zMCsvMzEvMCwcLUNNUkdMTD5AW1BHTEM4Ki80LC4sLTMpLy0zMzQ3LiwmTkw=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421144762.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81421144762.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsf2.tmp\jjff.dll
- %TEMP%\insHv26.bhcabfebee
- %TEMP%\bhcabfebee.zip
- %TEMP%\insHv26.exe
- %TEMP%\nsf2.tmp\nsisunz.dll
- %TEMP%\tmp5.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp4.tmp
- %TEMP%\insHv26.bhcabfebee
- %TEMP%\bhcabfebee.zip
- %TEMP%\tmp3.tmp
- %TEMP%\insHv26.exe в %TEMP%\bhcabfebee.exe