Техническая информация
- '%TEMP%\bbdcabfecjf.exe' 1-6-6-5-7-7-1-4-5-2-6 LkpDPzYsLy4tHilSTzxLQj08LBstSEROUUpLREhAOC4aLj5DTk1CQzktMjAvKxoqPEJDOSseKU9MST9OPFNbREI3MDAzLxkoUkFNVD9RWU9NRTZncG9uNC4pbWBrby1wY2MnYGpqKF1ac10pZ2hlaRoqPEVIP0ZHPjxxKkAyRUouUEJQSz0qLD1BL0pIUz5AMUUbKD0wOS4xMTUuKxsoPTE5KC8aLj4tOCYqHys/MjcsKxoqPS48KSweKU9MST9OPFNbS1BDVTs9VDYZLkxNTT5UPU5aPk5LPTgeKU9MST9OPFNbST9HRDcaKj5RRFtQUEY8GilAUT5eP0hCRkhIPzgZKEdLTlJZQUxJUkw+UTktHilTQjtJRFJOUVpTTEs3GipPRjwuGy0+Uis3GyhLVEpPR0dEWVFARTxOSUBHR0BBP1BLRTwcKkdNXkxPSU1CTEE4cmx0XxoqSz5TUU1MQ01BWVBMPlFbPz9TUjcsGyhBSEBAVjcwGilETFhDVUk/R0g9WUBHPFFVS1I/QzdgXGVsZBwqQklWSEZKOj1eRUs7MzgoKzQvJzUsKTMuHylOREY+PC0vMCswMSsxKzIfKz9NUU1GSTw9WFNFSEM3MCkrLigrLy0wKC85Ly01LTIpTEg=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423236122.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423236122.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423236122.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsy2.tmp\hoy.dll
- %TEMP%\insHv27.bbdcabfecjf
- %TEMP%\bbdcabfecjf.zip
- %TEMP%\insHv27.exe
- %TEMP%\nsy2.tmp\nsisunz.dll
- %TEMP%\81423236122.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv27.exe в %TEMP%\bbdcabfecjf.exe