Техническая информация
- '%TEMP%\bfcabfcebhg.exe' 2-2-4-6-2-5-8-5-4-7-9 […]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423495574.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423495574.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsm2.tmp\kkss.dll
- %TEMP%\insHv10.bfcabfcebhg
- %TEMP%\bfcabfcebhg.zip
- %TEMP%\insHv10.exe
- %TEMP%\nsm2.tmp\nsisunz.dll
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\insHv10.bfcabfcebhg
- %TEMP%\bfcabfcebhg.zip
- %TEMP%\tmp3.tmp
- из %TEMP%\insHv10.exe в %TEMP%\bfcabfcebhg.exe