Техническая информация
- '%TEMP%\bbccabfeacbh.exe' 0-7-8-4-0-2-2-5-4-3-1 L0lBQD0xLi0uHS5TTjpMSUI7KxwsTUVNT0tSSUc/OS0fLz1BT1RHQjguLTE5MBgrQ0dCOCwdLlBLR0BVQVJaRUE8MS8xMCAtUUBOU0RSWE1OTDtmb3BtOS8oa2FydCxvZGIsYWloKWRfclwqZm1maBgrQ0pHPkdGQz1wPC1UNUdISS0yRjI+LUNGRT0xME84LTEcL0IvOC8zNDQuKhwvQjA4KS4fLz0rOS0vHipAMTwtKhgrRDM7KC0dLlBLR0BVQVJaTE9IVjo7VT0eLUtOTENVPExbRVNKPDkdLlBLR0BVQVJaSj5MRTYYK0VWQ1pRT0s9GSdBWENdPklBS0lHPTkgLUZKT1FeQktHU1NDUDguHS5UQTlKS1dNUFtSUUw2GCtWSzstHCxDUyo1HC9QU0lQRkxFWE9BTEFNSEFGTEFAPVFSSjsbK0ZSX0tNSlRHS0A5cXF1XhgrUkNSUE5LSE5AV1FTQ1BaQD5YUzYqHC9GRz9BVTwxGSdFU11CVEo+TEk8V0FOQVBUTFFERDZeXWxxYxsrQU5XR0RLQUJdREw6MDkwJjU3LDAvKi40MBknUElLQzgtMTExKS0xMDcuGytBTldHREtBQl1PRUpEPSonLTItMCstMik5MystOjEuJT1K
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81432964467.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81432964467.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81432964467.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsq2.tmp\tet.dll
- %TEMP%\insHv25.bbccabfeacbh
- %TEMP%\bbccabfeacbh.zip
- %TEMP%\insHv25.exe
- %TEMP%\nsq2.tmp\nsisunz.dll
- %TEMP%\81432964467.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\insHv25.exe в %TEMP%\bbccabfeacbh.exe