Техническая информация
- '%TEMP%\bicabfebgi.exe' 4-0-5-8-6-7-2-8-1-7-2
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421158385.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421158385.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81421158385.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsy2.tmp\jjff.dll
- %TEMP%\insHv26.bicabfebgi
- %TEMP%\bicabfebgi.zip
- %TEMP%\insHv26.exe
- %TEMP%\nsy2.tmp\nsisunz.dll
- %TEMP%\81421158385.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv26.exe в %TEMP%\bicabfebgi.exe