Техническая информация
- '%TEMP%\bbdcabfddbjg.exe' 5-1-2-2-1-1-4-3-4-5-3 Kk9HQjw2Ly0uGyxOVEBOSEM5LRwqS0BTVU1RSkVBOSsdKkNHUVNIQDouLzIvMh4tQkhAOiwbLEtRTUJUQlBcRT86LDU3Mh8uT0JOUUJNXlNQSzxkcXBrNyoucWNxdSpxZGAqXG9uK2NgcF4qZGthbh4tQktFQEdEQTgwNzcwMy8zMyw0Gy5CLzwwMjIvMx0qQzA7LDAcLEAuOigwHi1DMzkqLRssPzQ7KzAfK01OSkFQQlJdT1FFUz0+VjgfLU5RTkBSP09cQFRKPzwfK01OSkFQQlJdTUBJQjkbLEBXQ11UUUg6HCpCU0RdQUxDSEZKQDobLkZNUlNbP05KVE5EUDsxHytRRDxLRlhNU15UTkk5GyxRTDswHy5AUC04HSpRU0xTSElCW1JCR0JNS0RIST5DQFJNSzseLkhPXE5QS09IS0M8c25yYRssTURSU1FNRUtDWlJORFBdQ0BVUDktHSpHR0JEVzkuHCpGTl5CV01ASUY/WkJJQlBXT1NBQTlhXmdyYx4uQ0tUSkdMPENdR088MS0qLTMpMC43LTMxHStPRkhEOy8zMS0uNS0zMDIeLUNOU0tISj4/XlJHTEQ5LissMCoxLi80KS0uNi8xNTAxKE9M
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423816745.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81423816745.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81423816745.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsd2.tmp\hoy.dll
- %TEMP%\insHv18.bbdcabfddbjg
- %TEMP%\bbdcabfddbjg.zip
- %TEMP%\insHv18.exe
- %TEMP%\nsd2.tmp\nsisunz.dll
- %TEMP%\81423816745.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv18.exe в %TEMP%\bbdcabfddbjg.exe