Техническая информация
- '%TEMP%\bbecabfddbhi.exe' 0-5-2-3-2-5-7-2-8-1-8 L0tHQTsyLC4qHydTUEBNRz82LhguRkVPVUxQRkJCNS8YLz9HUFJEPTsqMy00Lh4sQUQ9OygfJ1BNTUFTPk1dQUM1MTE3MR4qTENKVT1SWlNPSjhhcmxvMi8qcWJwcSdyYGQlYWtuKmJcbV8maGZmah4sQUdCQUNIPD0sNzYvMyo0MTgrICpCLjssLzMrNxgvPzA6KywZLTwyNS0sHixCLzYrKR8nRDA7Ki8bKE5KTjxVPlJcTk1CVDlCUT0bLU1QSj1TO1NXRVBKPjsbKE5KTjxVPlJcTDxGQzUfJ0VTQ1xTTUU7GC49WEBdQEs/RUdGRDUgKkZMUU9YQEpOT1NAUDowGyhSQEBGS1RNUl1QS0o1HydWSDsvHio9USk8GC9NU0tSREZDV1Y9TD5NSkNERj8/RE1SRzsdLURMXUpURlRES0I7b2tzXR8nUkBSUlBJQkw/Xk1TQFBcQjxSUTUxGC9DR0FDUzYvGC5BU1pCVkw8Rkc7Xj1OPlBWTk8+QjVlWWxuYx0tP0hVRktHQT9dRk44KjUrLSoxLSwuLywnNDAfJ1RES0I7LC0wKTAxNzA0Mh4qPU1PTURPPEJcUkRGQzUwJzEvLS8uLC4oKTkoNjUuMig8Rg==
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423553949.txt bios get version
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423553949.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423553949.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsa2.tmp\hoy.dll
- %TEMP%\insHv18.bbecabfddbhi
- %TEMP%\bbecabfddbhi.zip
- %TEMP%\insHv18.exe
- %TEMP%\nsa2.tmp\nsisunz.dll
- %TEMP%\81423553949.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv18.exe в %TEMP%\bbecabfddbhi.exe