Техническая информация
- '%TEMP%\dccabfhccfd.exe' 3-7-8-3-0-1-1-1-2-6-3 […]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427380864.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427380864.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427380864.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsk2.tmp\kcbcn.dll
- %TEMP%\ic27.dccabfhccfd
- %TEMP%\dccabfhccfd.zip
- %TEMP%\ic27.exe
- %TEMP%\nsk2.tmp\nsisunz.dll
- %TEMP%\81427380864.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\ic27.exe в %TEMP%\dccabfhccfd.exe