Техническая информация
- '%TEMP%\bccccabedhcch.exe' 0-5-5-1-3-1-0-0-9-0-8 L0tEQzovIC9KVTpQRD88LR8vTjxUT09NRkhBPDAgJkRBU09EQzovIC86STw9KxsuTVFPRExDTF9EPzwtHy9TPFJORU1aVE9LPWhrdGg6KipyYnF2LmtoXS1ca28qY2F0WC5hbmFqHyxCTEk6S0FEOBsuQTA9LSggJ0QtOCwuHy9EKj0lMRsqQzE8LTEXLzw1OCgwHS5QUkZETUNPWk9PSFZBOlk1ICpLUUxDVUNLXz1VRzw8HS5QUkZETUNPWk0+TEU9Fy89WEBaVE9LPSAmRVBFWj5MQUtJTjw9GC9DSlJRXkJSRldLRU04Lx0uVEg4TkNZSlBeUlFMPRcvTElIQDwuMzE5KTEuNjM0HyxVTT0pICdETiw8HS5SVUVUQU1AWlZCS0NPREVBTTxCRFJRTD0XL0FTWk1US1NJTTw9bHJwYB8sUUVUTFJGSUlCXlJSRVJWRDlZTjgxHS5ISTtFUD0sGy5GUl9EUE45TUQ+XkJNQ1JQUExFPzhlXmtzZRcvPE9SSUtMQERfS0lFRTgsMSwxMi8pMCk0JS05MjA6MjAqOU0bKkNMVk5MRkE8X0RLPC43OC4wOCY2NCkwMTE=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422171244.txt bios get serialnumber
- %TEMP%\insHv22.exe
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\nsm2.tmp\nsisunz.dll
- %TEMP%\insHv22.bccccabedhcch
- %TEMP%\nsm2.tmp\ooi.dll
- %TEMP%\bccccabedhcch.zip
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\insHv22.bccccabedhcch
- %TEMP%\bccccabedhcch.zip
- %TEMP%\insHv22.exe в %TEMP%\bccccabedhcch.exe