Техническая информация
- '%TEMP%\bbdcabfecbfb.exe' 4-1-2-3-9-3-4-0-4-3-9 K09HQTQwLDIuHSZPVEBNQEE5MBwsRUFTVUxJSEVEOS0XK0NHUEtGQD0uMS0sMB4sOkZAPSwdJkxRTUFMQFBfRUE0LTU3MRcsT0VOUzxOXlNPQzpkdHBtMSsucWJpcyp0ZGIkXW9uKltecGEqZmVibh4sOklFQ0dGOzl2QUktTkkySjU9NVRGLjtFQzlDLi4+SUUdJkEtPS8wLjIzLx0mQS49KS4XK0MxOiQuHC9AMTQpMB4sOzI5LS0dJkxRTUFMQFBfTE9AUkBBVjQdK1BOTDtRQlJcPFJIQTkdJkxRTUFMQFBfSj5EQTweLDxVQV9RT0M5Hy1CT0JbQ0lBQ0VNQzoXLERPT1FWPlFNVEpCTj0uHSZQRz9LQlZLVVtSSUg8HixNSjkyHCw7TzA7HSZPUU5QRkRBXlVCQ0BLTUFGRD1GQ1JJSTkgK0ZKW1FTS0tGSUU5cWlxZB4sSUJQVU5LQEpGXVJKQk5fQD5QTzwwHSZFRURBVTQtHy1GSlxAWUo+REVCXUJFQE5ZTFE8QDxkXmNwYSArQUZTTUpMOEFbSUw6LjUtMDIpKy4xNCsrHC5SRkRCOTEwLygtNTc0KjEcL0BMTkpLTT47XFBJSUI0LS4vMCYvLDExJyw2MTA3KDEmUEk=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423433166.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423433166.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423433166.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsl2.tmp\hoy.dll
- %TEMP%\insHv27.bbdcabfecbfb
- %TEMP%\bbdcabfecbfb.zip
- %TEMP%\insHv27.exe
- %TEMP%\nsl2.tmp\nsisunz.dll
- %TEMP%\81423433166.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv27.exe в %TEMP%\bbdcabfecbfb.exe