Техническая информация
- '%TEMP%\bbecabfecbah.exe' 1-7-9-1-8-2-0-9-1-3-0 LklAQzUxMCkxHS9STjlPQUI9Jx8sTkRNTk5KSUk7PC0gLj1AUkxHRDQxLTI4MBcuO0dENC8dL09LRkNNQVRWSEE9MC8wMxgtUzxRU0VRWExRRDtoa3NtOi4oamRqdC5rZ2ItYGlnLFxfdFgtZm5laBcuO0pJOkpGRDxwRkU5SzEnSEwyTDs5ODxGRy9BP0c3KUgfJ0IxNDIzNTMuKR8nQjI0LC4gLj0qPCUvICZDMT0sKhcuPDM9JDAdL09LRkNNQVRWT09JVTo6WDUeL0dRTERUPEtePVNMODwdL09LRkNNQVRWTT5NRDYXLj1WRVZUT0w8GSZEUENfOkxBTEhHPDwYLUhGUlFfQUtGVktDUjQxHS9TQThNQ1dPTF5SUks2Fy5OSz0pHyxEUio0HydQVUVTRk1EWE5EREFPRERGTUBAPFRKSj0XLkZTXktMTUxHTTw8cXJ0XhcuSkNUTFFLSU1AVlRLQ1JWQz5ZUjYpHydGSTtEVT0wGSZIS11EUE0+TUg8VkRGQVJQT1FFQzZdYGRxZRcuQU9WR0NOOUJfQE86MTAsJTEpLi4vLS8zMBkmU0FLRTQwMTIwKjA4MDE5Fy5BT1ZHQ045Ql9LSEpFPComMCwtMicwMiowMysyMjM5IUBK
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427929270.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427929270.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427929270.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsd2.tmp\hoy.dll
- %TEMP%\insHv27.bbecabfecbah
- %TEMP%\bbecabfecbah.zip
- %TEMP%\insHv27.exe
- %TEMP%\nsd2.tmp\nsisunz.dll
- %TEMP%\tmp5.tmp
- %TEMP%\81427929270.txt
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\insHv27.exe в %TEMP%\bbecabfecbah.exe