Техническая информация
- '%TEMP%\bbdcabfddcad.exe' 5-9-5-3-9-8-4-2-5-7-7 […]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423556648.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423556648.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423556648.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsv2.tmp\hoy.dll
- %TEMP%\insHv18.bbdcabfddcad
- %TEMP%\bbdcabfddcad.zip
- %TEMP%\insHv18.exe
- %TEMP%\nsv2.tmp\nsisunz.dll
- %TEMP%\81423556648.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv18.exe в %TEMP%\bbdcabfddcad.exe