Техническая информация
- '%TEMP%\bhcabfdbaf.exe' 6-3-9-1-9-8-4-9-8-2-9 KU1AQzQpNS0YLUpPP0dIOzUsFydMPE5URlFCQUA0KB4mPkZKU0A8OScYLTpDQTQvFydMSUdCTD1RVkg7NSwXJ1E8TFM8UVZNTkM1ZmtubTEuJmthaW4sa2JiJGBnaClbWXJYKGZlZWYYKzpERzpFRjs8FydAKDUrKBosOzE0JS0XJ0IqNyooHyY8MDQlLxcpQSw8JCkcJkhQRj5SOlNWSE5ATj86UzoXLkdKSztNQUtZQkxLODUcJkhQRj5SOlNWRj1EPTsXKUJPRFZNTkM1HiY/VTxeOkVAQ0FMPDcdJkdGS1BWOlBGUVA8UTQoHCZMRjhISFBOTFdRSUQ7FylTRDwpGCs7Sy80GixJVEVMRUQ9XU4/STpORD1FRDlFPE9PQzwXJ0VKV1BMSFFATDw1cGltYxcpTzxTTEpKQEZFVk9QPFFWPD1QSzspGiw/SDs9VDQpHiZDUFZDUEY9REFBVj9LOlFQSFA8PDtdW2lqZBcnQEZPTENJPjteQEg5KDE1JSwwKC0pKi0lKi8oGixLSEQ9OSgsMCcwLiovKCgcJjxNTkhJRkA7V1BARUM0KywuLikoLSwiNDEuMDEyJyI9RA==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421149382.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421149382.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81421149382.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsp2.tmp\jjff.dll
- %TEMP%\insHMroi.bhcabfdbaf
- %TEMP%\bhcabfdbaf.zip
- %TEMP%\insHMroi.exe
- %TEMP%\nsp2.tmp\nsisunz.dll
- %TEMP%\81421149382.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bhcabfdbaf.zip
- %TEMP%\insHMroi.bhcabfdbaf
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHMroi.exe в %TEMP%\bhcabfdbaf.exe