Техническая информация
- '%TEMP%\bcfcabfdcc.exe' 2-6-3-2-2-1-1-0-0-8-0 [фрагмент строки удалён при обработке текста]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427356083.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427356083.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427356083.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsn2.tmp\xor.dll
- %TEMP%\insHv17.bcfcabfdcc
- %TEMP%\bcfcabfdcc.zip
- %TEMP%\insHv17.exe
- %TEMP%\nsn2.tmp\nsisunz.dll
- %TEMP%\81427356083.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv17.exe в %TEMP%\bcfcabfdcc.exe