Техническая информация
- '%TEMP%\dhcabfeebhf.exe' 1-6-1-6-9-3-9-2-6-4-5 LkpIPjQ0Ki4sHCpST0FKQEE0LhorSUROVklJSEBCNy0bLj5ITUtGOzssMDAzLR8pOkY7OyocKk9MTj5MQEtdQ0A4MDA4LhcsSkNMUkBRWVRMQzpfcm5sNS4pcl9pcyVyYmEoYGpvJ1tea18oZWllaR8pOklAQUVFPzwsMy0oMigwLzQxHylDKzQuLy4wMRsuPjE3JC4XLT4vOCwrHyk7MTQrKxwqQy88JygdJk5MSz9UPVNZR09AVDs/VDwaLkpJTDtTPVBaRE9LOzQdJk5MSz9UPVNZRT5EQzccKkRSRFlMT0M7GitAVz9ePURBQ0dIQTgfKUdJSlFWQExLUlI/UTcpHSZSQj1JSlNOT1ZSSUo3HCpVRzwsFyw7USs5Gy5MVEhLRkRDWVNASz1ORzxGRD9BQVBRRjwaJkZKXUxRSVNDTD80cWlzXxwqUT9TT0lLQExBW1BSP1FZOz5QUTcuGy5CSD48VTQvGitEUllDU0U+REc9W0BNPVFTR1E8QjdiXGttZBomQUZVSEhKQD5eQ0c6KS4yKiwwKy0wLisrMxorT0hHRDcoMSkzMTEvNSowGiZBRlVISEpAPl5OQEo8Oy0rMi4sLyssJy04LzI1MyspSkQ=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427234347.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427234347.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427234347.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nse2.tmp\afnxj.dll
- %TEMP%\ic29.dhcabfeebhf
- %TEMP%\dhcabfeebhf.zip
- %TEMP%\ic29.exe
- %TEMP%\nse2.tmp\nsisunz.dll
- %TEMP%\81427234347.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\ic29.exe в %TEMP%\dhcabfeebhf.exe