Техническая информация
- '%TEMP%\bbfcabfecbhe.exe' 7-9-5-1-9-9-4-3-5-6-9 KEdEQzQnHCxOTzlJQD88JxcrS0BOTkhJRkg7NCwdKj5ATEtEQzQnHCw+Qzs2JxsuR0lLQVA9S1hAPzwnFytQQExNPklaVElDOWVvbmczJipyXGlyK29iXCZYa28kW11xXChgZ11qHyY6SEY+RUA9NBsuOyg5KiwaJj0pOCwoFytBLjckKhcqQys0KS4bKTsuNCgwFyZMT0o+TDxLWk9JQFI+PlM0GSZLUUY7UUBPWTxOQzw8FyZMT0o+TDxLWk04REE6Gyk8UTxaVElDOR0qP08+Vj5MO0NFS0A3Fyg/SlJLVj5PSlFKPkk4MRcmUEU8SEJSRlBeTElIOhspTUY0LR8mO08uOBomS0xJU0BEQVxSP0M8RkhEQEQ9REBPSUU0Gy5ASltPUEhLQkRAPGtpcWIbKUk+S1BRRUBKRFpPSj5JWkM4UE86LRomQUA/RE80LR0qQ0pYO1RNOERFQFo/RTxJVE9LPEA6YVtjbFwbLjtGU0tHSTg9VkRPNC0yKy0uMCcvMy0oLDEdKk5ARjw4MCspLTAsKy0sKhsuO0ZTS0dJOD1WT0hEPDkuKissKCkrMCwhNDcvMTEqKiVARA==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423251914.txt bios get serialnumber
- %TEMP%\tmp5.tmp
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\81423251914.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp4.tmp
- %TEMP%\bbfcabfecbhe.zip
- %TEMP%\insHv27.bbfcabfecbhe
- %TEMP%\tmp3.tmp
- %TEMP%\insHv27.exe
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\insHv27.exe в %TEMP%\bbfcabfecbhe.exe