Техническая информация
- '%TEMP%\bcecabffgci.exe' 0-6-8-3-1-7-9-9-2-2-7 L0pBQTwqLi43LxkvTU0/T0I7NC4eKE4/TFROS0JAQjsqICk8RlJNQDs7MCw0LCkdLjxAOzsuGS9KSkxDTjpLXUc9PSwqMzAxFyZRQ0tWP0pcVEtDNGZybXA0JyxyXmltLHJhZSdZbW8mW1hyXydpaF5sHyg6Q0dBREk+NR0uPSg0LzcvMTEsNDEZJjswOyYxGidBMjYkKB4tPTQ3JS4fKDssOysqIClIT049TDpSXUlSQ04+QlI0Fy1OS08+TUBTWDxMSj82IClIT049TDpSXUdBRz06Hyg8T0NdTlJGNR0uPk88XUFGREZBS0Q2FyZGTUxUWTpPTlBKPFA7KSApTEVAR0JQTVNYVUxEOh8oTUQ7MBkvPksuPBkmSVNMTUlHPVxWPkM6TUs+SUc5REROSUM7HihJTVdPVEdLQEtDNnRsbWIfKEk8UlNLTkNGRF5OSjxQXT1BU0s6MRkmP0dCPlg3KR0uQkpWQldHQUdBQF4+RTpQV0lUPzw6ZVpjamMeKERJT0tLSDg7XUdJPSswNS0yLyU1MycyLi0dLk1AREM7KjQsKi04MjAoNR4oRElPS0tIODtdUkJNPzUuLisrJjAuKjUkKS45LSwxLzUjQUc=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422205024.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422205024.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422205024.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsm2.tmp\xor.dll
- %TEMP%\insHv41.bcecabffgci
- %TEMP%\bcecabffgci.zip
- %TEMP%\insHv41.exe
- %TEMP%\nsm2.tmp\nsisunz.dll
- %TEMP%\81422205024.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv41.exe в %TEMP%\bcecabffgci.exe