Техническая информация
- '%TEMP%\bbgcabfddeh.exe' 4-4-4-8-1-8-0-5-1-5-7 K0xFPDwsMzEyGyhPUT5ISDw9Kx8qR0FQU0dRQ0k/PCwZK0BFS1NBRDgxMC4uLhwnQkFEOC8bKExOSzxUO1RaSD82LjAzKTAYL05ETU9BTltNUUQ9Y3NvaTYrK2tkanYpc2NeKV1saCxcYW9gKWJqYmsYLjtMREJGQkA5HCdDKT0oMBsoQC45JTAYLz8yOCYtHCs8MzUtLB8qPTE5KSkfJ1BNTj9OP1BbSFFBVjxCVDYcK0xKTjxVPlNaPlFIPTUfJ1BNTj9OP1BbRkBFRThKSExMZV9nJCowLC8pKSovHCdEUEVaVE1FORwrPVc9Xz5MP0VFSkE1HydISlJPWD5OS09SPVI4MRsoUEQ9RkpRT1BeUEtIOWRsc2g6Ki5raXJoZWZkJmNqbCpaX3BlbmBsaWptKlBlamBndms4KWdvZmgcK05MNTIbLj9MLTlnZXJoaV5uGyhOUUpMSEVFWlZART9LST1IRUFCRFBLSDkcJ0hLX01USU1FSUE1c2p1YB8qS0FQUUpNQU5CXlBMQU5bPEBRUzgxGyhERUA9VzUxGy5ETFtAVUZARUk+XkBHP05VSFM9RDhlXGVvYRwnQ0dXSUtKOkBbRUg8KjIsLSwtLiotMTgmMi8zGyhQRUk9PCk0LTAuMjAwMysfJ0RKVklFSz1AV1NBTUA8LCgtMisqLyk1JTY1LTM2MSspOU0=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422971284.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422971284.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422971284.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsy2.tmp\you.dll
- %TEMP%\insHv18.bbgcabfddeh
- %TEMP%\bbgcabfddeh.zip
- %TEMP%\insHv18.exe
- %TEMP%\nsy2.tmp\nsisunz.dll
- %TEMP%\81422971284.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv18.exe в %TEMP%\bbgcabfddeh.exe