Техническая информация
- '%TEMP%\cecabfehbde.exe' 5-0-4-4-6-0-4-9-9-5-1 KlBFQDcwHCZKUEFLSUA5KiArRTxPVkpSR0U+PSwXJj9ITlRFQDcwHCY6REM4MBwrSlJLO0w+U1pJQDkqICtKPE1VQFJbUUxMOV9rb281LytvX3JyJWtjZChhbGwnZF1rWCloaWZrHClDSEA6Rkg/PRwrPjE5JCgbLj8yOSkrICs7KjgsLCArQC49KSgXKkMwPSktGi9MSUY/VD5UW0xMSVI4OlQ8Gy9MTklEUTpLWkRQTD05Gi9MSUY/VD5UW0o7TUE0FypEU0VbUUxMORcmQFdAXz9JPkxFRTw4HypIS09OXz5JRlJSQFI5LBovUD84SUpUT1FbT1JINBcqVUg9LhwpRE8oNBsuTVVKUENNQVZOQEs+T0lBQ009PjxQUUc9HCtDU1tJTElTRE1BOW5ycVwXKlFAVFFOSElKPlZQUkBSW0A7WU80KRsuQ0lAQVI9LRcmRFJaRFVKO01FOlZATT5SVUxORUA0XVxrbmUcKz5PU0VDSkA/X0VMNzktJSktLS0xLSosNxwmS0RMQD0tMCwzLCgsLjUxICtASVdKQ0Y8Q1pURUk/PS4mKyoxKzExJiw6LCkxLzUlQUk=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423127163.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423127163.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423127163.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsh2.tmp\fzy.dll
- %TEMP%\rc32.cecabfehbde
- %TEMP%\cecabfehbde.zip
- %TEMP%\rc32.exe
- %TEMP%\nsh2.tmp\nsisunz.dll
- %TEMP%\81423127163.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\rc32.exe в %TEMP%\cecabfehbde.exe