Техническая информация
- '%TEMP%\bbgcabfddbhf.exe' 3-2-6-3-1-9-4-5-0-4-7
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422246488.txt bios get version
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422246488.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422246488.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsb2.tmp\you.dll
- %TEMP%\insHv18.bbgcabfddbhf
- %TEMP%\bbgcabfddbhf.zip
- %TEMP%\insHv18.exe
- %TEMP%\nsb2.tmp\nsisunz.dll
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\81422246488.txt
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv18.exe в %TEMP%\bbgcabfddbhf.exe