Техническая информация
- '%TEMP%\bcfcabffgbeg.exe' 0-3-9-4-1-8-8-3-6-7-2 [фрагмент строки удалён при извлечении текста]
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422168246.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422168246.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422168246.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsc2.tmp\xor.dll
- %TEMP%\insHv41.bcfcabffgbeg
- %TEMP%\bcfcabffgbeg.zip
- %TEMP%\insHv41.exe
- %TEMP%\nsc2.tmp\nsisunz.dll
- %TEMP%\81422168246.txt
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- из %TEMP%\insHv41.exe в %TEMP%\bcfcabffgbeg.exe