Техническая информация
- '%TEMP%\bcecabfdhbfi.exe' 2-1-5-9-8-8-3-5-1-1-4 [...]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422341230.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422341230.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422341230.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsq2.tmp\xor.dll
- %TEMP%\insHv22.bcecabfdhbfi
- %TEMP%\bcecabfdhbfi.zip
- %TEMP%\insHv22.exe
- %TEMP%\nsq2.tmp\nsisunz.dll
- %TEMP%\81422341230.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv22.exe в %TEMP%\bcecabfdhbfi.exe