Техническая информация
- '%TEMP%\dcacabfhcbia.exe' 3-6-5-0-6-7-0-9-0-6-4 LEpERDcrMyogKU9SPEtJPjYwFy9IQVFRSlJFQkQ0MRorQUNOVEM9PSk1MSwuGipDQz09JyApTE9JP1U9TV9ARDctMzMvIClMRUlWP05cT01MN2F0a3A0KyxtbXYoPUVKSydQTEooQUpJLkBOQEsdKT5MQzxLQEQ3LC4qLDcrLzcpMCwtLy8yMywxMSk3GitBKzgtKxkvOzI3KS4aKkQtNi0oIClAMTcoMRooRCw9Jy0dKUtSST1VOlRZTE9DUUE9Uj0XL0pOTD5QQ05YRUxMOzkdKUtSST1VOlRZSj5HQD0aKEVPRVlRT0Y4ICk+WDxfPUlBRkROPzYgJkhJT1FZPVJJUFM8UjcuHSlPSDtHS1BPT1tSTEc9GihWRD0sHCw+TjE3GS9JVUhQRkdAX1E+TDpPR0FGRzxHP05SQz0aK0ZNWlJPR1RATT85cWxwZRooUjxUT05LQ0lHWU5TPFJZQD5TTj0sGS8/ST5BVTcsIClCU1ZEU0o+R0RDWT5OOlJTTFE/Pz1gWmxqZRorQUlSTkZIQTtfQ0w6MzAuMC4uKDEtKi8qMSApTUlERTctMSwxODMpNik0GitBSVJORkhBO19ORUo/ODMpKzAmMiotMiQsMDQsMDEyLiZNRw==
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427297468.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81427297468.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81427297468.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsa2.tmp\xmsyj.dll
- %TEMP%\qq49.dcacabfhcbia
- %TEMP%\dcacabfhcbia.zip
- %TEMP%\qq49.exe
- %TEMP%\nsa2.tmp\nsisunz.dll
- %TEMP%\81427297468.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\tmp5.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- из %TEMP%\qq49.exe в %TEMP%\dcacabfhcbia.exe