Техническая информация
- '%TEMP%\bbecabfebjf.exe' 3-8-4-8-8-7-6-8-4-3-3 …
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421945950.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81421945950.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81421945950.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsf2.tmp\raw.dll
- %TEMP%\insHmar.bbecabfebjf
- %TEMP%\bbecabfebjf.zip
- %TEMP%\insHmar.exe
- %TEMP%\nsf2.tmp\nsisunz.dll
- %TEMP%\81421945950.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHmar.exe в %TEMP%\bbecabfebjf.exe