Техническая информация
- '%TEMP%\cccabfehcag.exe' 8-4-5-1-6-4-6-4-3-9-1 [продолжение строки удалено при обработке текста]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81424173089.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81424173089.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81424173089.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nss2.tmp\gxr.dll
- %TEMP%\insHv32.cccabfehcag
- %TEMP%\cccabfehcag.zip
- %TEMP%\insHv32.exe
- %TEMP%\nss2.tmp\nsisunz.dll
- %TEMP%\81424173089.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv32.exe в %TEMP%\cccabfehcag.exe