Техническая информация
- '%TEMP%\bdacabfdcbhg.exe' 5-5-3-2-8-8-3-5-0-7-4 KktGQjUoHSpTTj5LREE7KBgsSUVNU0pNSEc8NS0bLz1FTk9GQjUoHSpDQkA4Kx0tSEpMP1U8UFpEQTsoGCxORUtSQE1cU0pEOmN0bWw1KixxXWpzKXRhYShcbW4lXF5vYSdlaWFsHic7SURDREU/OB0tPCk6KDEZKz8tOispGCw/MzYpLBssQiw1KiwgKEAwOCovGCdNTU89UT5PXE5KQVM8Q1I5GypNUEc8Uj5UWEFQRz47GCdNTU89UT5PXEw5RUI4IChBU0BcU0pEOhsvPlRAWkBLPERGSUU2HCpDTFFMVz9NT1BPQE06LhgnUUNBR0dUSlJdTUpJOCAoUkg4Lx4nPFAsPRkrTVBLUkFFQlpXPkg+SkpDQUU+QkVOTkc4HS1BS1xNVUdQREhCO2xqcmAgKE5AT1JQRkFLQl9OT0BNXEI5UVA4MhkrQ0RBQ1A1LhsvQk9aP1ZMOUVGPl8+Sj5NVk5MPUE4ZlpobmAdLTxHVElMSD0/WkZONSk1My4yNCkxMywpKS0bL01FSEA6LywqLzA4MDMsMB0tPEdUSUxIPT9aUUdFPTosLywsKi0tLy0iMDUxLjYsMCc/RQ==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81424220970.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81424220970.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81424220970.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsq2.tmp\ob01.dll
- %TEMP%\insHv17.bdacabfdcbhg
- %TEMP%\bdacabfdcbhg.zip
- %TEMP%\insHv17.exe
- %TEMP%\nsq2.tmp\nsisunz.dll
- %TEMP%\81424220970.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- Файл %TEMP%\insHv17.exe перемещается в %TEMP%\bdacabfdcbhg.exe