Техническая информация
- '%TEMP%\bjcabfdchf.exe' 6-5-1-2-2-2-9-4-0-7-5 KUtIQjsxJy4yGSpNUEFOR0I0LCAoST9PVk1QSUBAPSkbKT9IUVJHOzkyLTEqLB8tQUc7OTAZKkpNTkJTQUtbST04KzE4Mh4tSkFST0BMWlRQSjtfcHRpNSkqcmNwdCVwaF4oW2tvK2Jfa10uYmlgah8tQUpAP0tCPzdySDBRLj4xTkVESlA0VDdGPj8yLjAxR1IeLUIoOTMsMjAvMB4tQik5LSobKT8yOysvFytELTgnLB8tQjM0KTEZKkpNTkJTQUtbUEtEUDxCVzseJkxSSD9PPlNdQ1NDPT0ZKkpNTkJTQUtbTjpIPzgfLUNWPFtVS0c3Gy5DVkNWP009R0NJRDseLT9LU01aPE1OVVFDSTkyGSpOQ0BMSVdGUV9OTUY4Hy1USzQuICg/TSw8Hi1QTEpUQkg/WlZDSkFGSUVCSDtCRFNQSjQcL0JOWU1UTFJHREE9bW1vYB8tUENLUVJHREhCXlNRQ0lbRDpUTTgxHi1GQEBFUTgrGy5HUV07VU46SEM+XkNMQUlVUE1APjhlX2pxXBwvPUpRSUtNP0JWRVA2MywpNTQsMCczLio0KxsuUkdLPDkxLS0qMzA1MTUoHC89SlFJS00/QlZQSUZANywuNy0wJy01Iy40LTg4MS8hTE0=
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81430394543.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81430394543.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81430394543.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsn2.tmp\utu.dll
- %TEMP%\insHv17.bjcabfdchf
- %TEMP%\bjcabfdchf.zip
- %TEMP%\insHv17.exe
- %TEMP%\nsn2.tmp\nsisunz.dll
- %TEMP%\81430394543.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv17.exe в %TEMP%\bjcabfdchf.exe