Техническая информация
- '%TEMP%\bbecabfecbh.exe' 9-9-7-6-7-7-9-1-2-3-9 JkdCPjYtKjUxHSZKTDtKQj00Lx4sRTxLUElLREBDOy4XJjtCTU1COzwwMiwpKRkpPEI7PC4dJkdJSD5OPEteR0E0KSswKyoZJlJDT008SVhPS0U0Z3JxZzEmKG1ea20tcmVcJFhpaiZdWHNfK2BlXWgaKDxDSEFIQDs0GSk9KjQsLx0mOyk2JyoZJkMxOiQoFyg+LTYkMB4sOyw0JisZKEdRTUFMOktYSktCTUBBVjQXJklMSD1MQlJcPExDOjcZKEdRTUFMOktYSDpGPDxJSkpHYFxpHisnMC4rJyUqGSk+UTxeU09DNBcoP1E+VkJLQUNART43GSg/TlFRVjlJSFFMPkk8MB0mSz86SERSRlRdUklDNGFubWkxLi1tZ21jYmheJ1puayxYWmticFptYG5sLE5gZV1pcGwvLWZxZGMXKFBGNikfLUFKKDRkZ2xpYGJtHSZJTEdOQkY8XlVCQzpGRj9CRjhGQ1JJQzQZKUJMVlFTS0tARD43bWtsZB4sSTxLTkxHQkVGXVJKPElYPjpSSjwwHSY/QD0/UTYoHy1GSlY7Ukg6RkBCXUJFOklSSk0+OzxkXmNqXBkpPUhOTUpMODtWQko2Kyg3LC8qKyUqLSonKDczHSZLQEY/NiorMS8vKyovLS8ZKDtOVUtDRjg9WU1CREQ7LiYoKygsKSosKS83LC4xKy8jSUQ=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423233785.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423233785.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423233785.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nso2.tmp\raw.dll
- %TEMP%\insHv27.bbecabfecbh
- %TEMP%\bbecabfecbh.zip
- %TEMP%\insHv27.exe
- %TEMP%\nso2.tmp\nsisunz.dll
- %TEMP%\81423233785.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv27.exe в %TEMP%\bbecabfecbh.exe