Техническая информация
- '%TEMP%\dcecabfiibah.exe' 7-0-0-6-4-6-3-0-3-1-0 [фрагмент удалён при дедупликации]
- '%TEMP%\File.exe'
- '<SYSTEM32>\conhost.exe' /output:%TEMP%\81427365026.txt bios get version
- '<SYSTEM32>\Wbem\wmic.exe' /output:%TEMP%\81427365026.txt bios get version
- '<SYSTEM32>\Wbem\wmic.exe' /output:%TEMP%\81427365026.txt bios get serialnumber
- %TEMP%\nsi363D.tmp\nsisunz.dll
- %TEMP%\jj49.exe
- %TEMP%\81427365026.txt
- %TEMP%\dcecabfiibah.zip
- %TEMP%\hpjsxvjy.mtg
- %TEMP%\jj49.dcecabfiibah
- %TEMP%\nsi363D.tmp\kdcdf.dll
- %TEMP%\81427365026.txt
- %TEMP%\jj49.exe в %TEMP%\dcecabfiibah.exe
- %TEMP%\hpjsxvjy.mtg в %TEMP%\File.exe
- DNS ASK tl.##mcb.com
- DNS ASK tl.##mcd.com
- DNS ASK crl.microsoft.com
- DNS ASK sr#.###k-top-app.info
- DNS ASK t2.##mcb.com
- DNS ASK ct###.#indowsupdate.com
- DNS ASK t1.##mcb.com
- DNS ASK dn#.##ftncsi.com
- ClassName: 'Shell_TrayWnd' WindowName: ''