Техническая информация
- '%TEMP%\bcgcabfecbjf.exe' 1-0-7-4-4-3-1-0-5-6-3 LlBCQDkuNzQyLh0uU04+TEZDPSsaLE1FTVNLT0pJPzcuHy89RU9RSEQ4LDI3MCwcK0BIRDgqHS5QS0tAUkJUWkNBPDIsNS42Hy9OP09VRUtbUU9LPWNucW86KCtvYnF2KW5lZC1abGwqY2FvWytobl9rHCxCTEQ9SEhENhwrQTA9KCsdLkQrOSkuHy8/LTosMRkrQDE8LSwaLEM1NiktHS5QTUlBVENNW0xPSFY8PVY8IChMTkxDVT5OXERVRT05HS5QTUlBVENNW0o+TEU4TWJzdWkcK0JXRVpPT0s9GStBVURfPkdBS0lHQTkdLkhKTVFeQktLU1BEUjgsHS5UQT1KSFhPUFlSUUw2HCtTTD0tGixDUyo5LS0zNDEaLFFVR1BFSkRfUj9JQk9GQUVKQEdAT09LPRkrRVBeUlBIUUhNPjlwb3RlGylPRFROTkpGTUdaT1BEUlhAPVZSPS0aLEdJPUFUOjAgKkNQXkRSSj1KSENaP0tCUlJMUEJDPWFbaXJlGStATFZOR0k+Q19CTDk2MC4yMCswOCwqLjE2ICpORkxFNi0wLzEyMzAvMzQZK0BMVk5HST5DX01FSUI8MSosMy4yKS0xJzI6Lio3MzQjTEk=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423376885.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423376885.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423376885.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsc2.tmp\eor.dll
- %TEMP%\insHv27.bcgcabfecbjf
- %TEMP%\bcgcabfecbjf.zip
- %TEMP%\insHv27.exe
- %TEMP%\nsc2.tmp\nsisunz.dll
- %TEMP%\81423376885.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv27.exe в %TEMP%\bcgcabfecbjf.exe