Техническая информация
- '%TEMP%\bcfcabffgbii.exe' 2-0-0-4-5-5-8-4-1-8-8 LVBJQDgsMS0zKRgtU1U+S0Q8OS8YJ0xFVFNKTUNFQzUpHi9ERU5PQUA8Ki0wNjgcKj5BQDwoGC1QUks/UDtQXkE8OzI0MC4sGCtSPUpURVJbUE1EOWdsbG46LytuYGpyLWxgYy1hbGsoXF1zWSZnbmZrGyo7SEg7Q0dEPXNDQz0+SEwoRlBNSEBERERGKz81NVEtKxsnQDA1JS8gL0AtOCUtHyc8MT0tLRsqPDA8JSkeL0QxOCgpHC5ISk1EVT9PWkhOSE45QVk9HCpLSktDTTtSX0VRRzw1HC5ISk1EVT9PWkY9TD01Hi9FVEBaTU5LNRgtRVhBWj5FQEtBRkM9ICtDSktQXjpKTVdTQU04KhwuTEA/TktVSlBXUVFENR4vVkk4LRgrQ0spOyAvTlBJTEVMPVdVRUw/Skg9RUw5P0NVUkg4GydFUldKU05URUhANXBxbV0eL1JBT1BKSkhGP11VU0FNWjw9WEs1MCAvREQ/PVQ8KRgtSVNbP1RGPUxBO11FTj9NVEhQRDw1ZGFsb2AbJ0BOT0ZKT0FAWkRIOTMuJi82NSosNC4qMDAsHi9URUhANS0zKiovNTQvMzQYK0NHT0xMTz0/WkxFTD01Ly8yMSotKC00Iio4NTM2KzQiPUw=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422166689.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422166689.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422166689.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsb2.tmp\xor.dll
- %TEMP%\insHv41.bcfcabffgbii
- %TEMP%\bcfcabffgbii.zip
- %TEMP%\insHv41.exe
- %TEMP%\nsb2.tmp\nsisunz.dll
- %TEMP%\81422166689.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv41.exe в %TEMP%\bcfcabffgbii.exe (конечный путь совпадает с исполняемым файлом, запуск которого указан в начале списка)