Техническая информация
- '%TEMP%\beddcfdhdd.exe' 4^4^5^1^1^4^2^6^7^0^0 K0xEQzwuLywqNCArT1BBT0VCNykgL0pBT1ZOTklDPT0xHCs/SFJQRz42MTkzMxsuQkVCNykgL0xOSkNUP1JZQkQ9LTI0Mx8rUT9LVkVOW1BRSzlmbm1wOisrbnF1KkI/TEstUEtLLEBMTihCTkZLHCpCS0VBRUJEPXItWjY3NDUxLjhfLS8yNy80XS1oMV9BPzFCQjI/Ozo3NCwzMTMzLTQyKjYyMy8sMV4pL1ksNjUtMDE3Xmo3bm5fNS8vWkRCMkE9L0FBPTMvLzYyMi0qMDUsLyszMC41WWZfY1spLTg1MzIsLTc2MjIvMjA0Ny0sMF8yNTQyNjRdWVgyXzMvWjJmMWlZXCAvQC04LDAcLT4rPS0tHCpDMjkrKxkvRDA5KDAfK0IvNi0xHCtLUU5AUz1NX1BORVFAQlU7GihQUktAUEJTW0NPRUE9HCtLUU5AUz1NX049SUA8HytDUj5fVU5IOB8uQVY/WENNQEhETUQ5HilBT1NQWz1RTlNRP0s9MhwrT0dASklTSFVfUU5HPB8rVEc2MiArQE4wPBwtTE5OVEVJQF5WQUo9SE1FRUk8RkRRUEY2IC9FT1pRVEpSQ0ZFPXBucGQfK1A/TVVSSkVJRl5RUT9LX0Q9VU48MRwtQkJERVQ5LB8uRVFZPVlOPUlEQl5BTD1LWVBQQT88ZV1qbV4gL0BLUk1LSz8+WElQOS0yMi0xNSgqNTUqLS82HytSQ0ZFPS0wLjIxNTYyKjUgK0BKVk1ITTs9X1RFSUA8NSsxKSswMTEmLTkyLzgtLipBSQ==
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81433381343.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81433381343.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81433381343.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsw2.tmp\rqschtd.dll
- %TEMP%\beddcfdhdd.gdcabfbddgi
- %TEMP%\gdcabfbddgi.zip
- %TEMP%\beddcfdhdd.exe
- %TEMP%\nsw2.tmp\ZipDLL.dll
- %TEMP%\tmp5.tmp
- %TEMP%\81433381343.txt
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- ClassName: '#32770' WindowName: ''