Техническая информация
- '%TEMP%\cdcabfhicbc.exe' 6-1-2-5-9-7-9-6-2-1-5 KU9HPzQwKiowHypNVEBLQD00Kh4uST9TVUpJREA+Oy8bKUNHTktCOzcwMzAuMh4qOkI7Ny4fKkpRTT9MPEtZR0M4KzU3LxcoSj9QVUBMXlNNQzZfbnJvNSkucWBpbyVuZmQoW29uKFtaa1ssaGlgbh4qOkVAPUlIPzcxLi0nLCcuLjUyGi5CLDQqLyo0NBspQzA4JCoXKUIyOCcwHio7LTQnLx8qPjQ7KCgZJkpQTj9PQlJaR0tAUD9CVDcfLUtJSDtPQVNaP1RKPDQZJkpQTj9PQlJaRTpEPzsfKj9XQ1pMS0M3Hi5AUkRdPkQ9Q0NMRDgaLkZKSk1WPFBOUk1EUDgpGSZORkBJRVhNUFZOSUY7HypQTDstFyg7TS88GylRU0lLQkQ/XVZARkJNSDxCRDtFRFBMSzsbJkJKWVBUSU5IS0A0bWlvYx8qTERSUElHQEhFXlBNRFBaOzpQTTsxGylHRz88UTQrHi5ETV5CVEU6RENBXkBIQlBUR008PjtlXGZyYxsmPUZRTEtKO0NdREc2Ly8sNTMoMDMtJSwwGi1TREdEOywrKykzMzIzKjYeKjtITkhKTjw+XlJERD40LC0yKiwvLzAhMTEvNDkvMSk/SA==
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427227327.txt bios get version
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427227327.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427227327.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsm2.tmp\7tm.dll
- %TEMP%\rc63.cdcabfhicbc
- %TEMP%\cdcabfhicbc.zip
- %TEMP%\rc63.exe
- %TEMP%\nsm2.tmp\nsisunz.dll
- %TEMP%\81427227327.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\rc63.exe в %TEMP%\cdcabfhicbc.exe