Техническая информация
- '%TEMP%\bbacabfdcig.exe' 3-8-8-1-5-6-3-5-2-1-7 LEhBQzgzLzIyHyhQTTpPRD46Kx4uR0JMT05NRUY/OzAZLDxBUk9DQTgwLyouKxguPkNBOC4fKE1KR0NQPVFaR0M2LjEqNzEaLE5DUU9CSldUTUY6Y3JzaTcnJ3JgbHMpcmdeKllobyheXm9fLWJrXmcfKj1JREFKQkE1GC4/KzooLx8oQSo1LCwaLD8xPCYuGCdDLzcqLB4uPTI1JTAbKU1NTUNOQExXT01DUzxBWDYdJ0hRSj5SPlJePlJEOTwbKU1NTUNOQExXTTxHQjhRZG1yaB0xKz1vXGFqHi8oPnRnZh0qQ1c+XE1KSzgaLEBWRFhARTxLREhCOB4uQUxLTF49TExSUURLOioYLk9CPklJWEhSV01RRzcdKlRMNi8YJ0NOKzobLVFOS0xBTEBZVEBKQkhKPUFMPEFCUFBLNh0nQVJaTFJJUkhGQjVscXBfHSpQRE1SSkZISUFcUFFES1w8OVhONy8bLUdCQT1QPCwaLERRXj1WRjlMRD1cQExCS1ZITEQ/N2NcanJeHSc8TlJISUo/Q1hGSDUwLDErLiwwKS8mKjAvGixPR0w+OiksMSsyMjMyMCwdJzxOUkhJSj9DWFFBRUQ4KywsLi4rLSktKS00Mi44MiwnOUU=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422237662.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422237662.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422237662.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsx2.tmp\utu.dll
- %TEMP%\insHv17.bbacabfdcig
- %TEMP%\bbacabfdcig.zip
- %TEMP%\insHv17.exe
- %TEMP%\nsx2.tmp\nsisunz.dll
- %TEMP%\81422237662.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv17.exe в %TEMP%\bbacabfdcig.exe