Техническая информация
- '%TEMP%\cecabfihcdb.exe' 2-3-9-0-3-5-9-3-5-3-2 LU1ARDowLTIvHS1RUjlQRj80LRssTENRTk9PRkBBOC4eLUFAU1FEOzozNC4vHSZDRj80LRssTlBMO1VAT1ZGPzo2LzUoICxOPE9RQlBdUklMOmNrcWs3LS1wXHJzKWtlYCpfbm0kZF5vWCtka2RtHSZDSUQ6SERBOx4sOzE6LCstMC0uLh0mRC84Kx0qQTE7LhcvQS80KiwdLUIyNC0uGyZNTUxCU0BLX01NQFM8QFc7HSZQT0o7Uj5RXUNSQ0E6GyZNTUxCU0BLX0s8REI4YG1icmlpIi0nbW8iMC5gaiUvK2pscG9hYx0mRVVAVlJNSTseLDxYQlo6Sj9JR0xCNCAsQ0ZQT1xAUExOU0JNNC8bLFJGPkVLVkpMXFBPSjsdJlZKOCkdKkFRLzoXL09QRVFESkNdVDxMQEpEQkRKP0VCTFJJOBcsRFBdUFJFVEZIPDpvb3NjHSZSQk9MT0lGTEVcTFNCTVZBPFZROy8XL0VEO0JTOi8eLEBTXD9QSzxKR0FcPE5ATVBNT0JCO2NYbHBgFyw/TFVMSUZBQVpATTguLjcrMDcrLCgzKTYzHixLSUpANC4vLzEuNScwMCwXLD9MVUxJRkFBWktGSEI7MCwrLy8rKDIlNTguLTEzLiVHSg==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423241430.txt bios get serialnumber
- %TEMP%\rc72.exe
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\nsp2.tmp\nsisunz.dll
- %TEMP%\rc72.cecabfihcdb
- %TEMP%\nsp2.tmp\rbc.dll
- %TEMP%\cecabfihcdb.zip
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\tmp3.tmp
- %TEMP%\rc72.exe в %TEMP%\cecabfihcdb.exe