Техническая информация
- '%TEMP%\bcfcabffgbhg.exe' 8-6-2-7-7-6-9-9-1-8-8 J0pHPTYrMCgzKRgnTVM7SUM7NC8YJ0Y/UlBITEJAQzUpGClCQkxOQDs8Ki0qMDYZKD1AOzwoGCdKUEg9TzpLXkE8NSwyLSwrFyZSPUpOP1BYTkxDNGdsbGg0LShsX2ltLWxgXSdfaWknW1hzWSZhaGRoGSk6Q0g7Q0E+O3BFMUlIREA9SkZDLk5DQz8vSSooQ0syLRomOzA1JSkaLT0rNyQoHyc8KzcrKhkpOys8JSkYKUIuNicoFy5ISkc+UzxNWUdJSE45O1M7GShKSUZDTTtMWUNORTs0Fy5ISkc+UzxNWUU4TD01GClDUT5ZTElLNRgnP1Y+WD1EO0tBRj03HihBSUpLXjpKR1FRPks3KRcuTEA5SElSSE9WTFFENRgpVEY2LBcmQ0spNRotS05IS0BMPVdPP0o8SEc8QEw5Pz1PUEU2GiZAUldKTUhSQkY/NGtxbV0YKVA+TU9JRUhGP1dPUT5LWTs4WEs1KhotQUI+PE88KRgnQ1FYPVNFOExBO1c/TDxLU0dLRDw1XltqbF4aJjtOT0ZEST89WENHNDYvJjEvLCsrMyUoMxgnTENLPjYrKykxKS0rMjcsGSk7RlZGREc7QlhNQ0Q8PCknKi8tKykrLCExMiwsNDMsIztE
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422166148.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422166148.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422166148.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsp2.tmp\xor.dll
- %TEMP%\insHv41.bcfcabffgbhg
- %TEMP%\bcfcabffgbhg.zip
- %TEMP%\insHv41.exe
- %TEMP%\nsp2.tmp\nsisunz.dll
- %TEMP%\81422166148.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\tmp5.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
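- %TEMP%\insHv41.exe в %TEMP%\bcfcabffgbhg.exe (слева — исходный путь, справа — новый; тот же путь %TEMP%\bcfcabffgbhg.exe стоит в первой записи списка, где он указан с аргументами командной строки)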