Техническая информация
- '%TEMP%\bcbjcabedhbab.exe' 6-2-5-8-9-1-3-2-6-5-8 KU5EPDQwMC4rLhgpUVA6R0hBOyobJ0hDT09GUUhHPjgoGi0/QUpTRkI3LSwxMjQYJkJGQjcrGClOTUc7VEBSWUQ8NzAvKCszHS1NQEpQQ01XTFFJO2JvbGo4KidqZG90KG9gXytcaGcsYV9uXCZjbGFnFy5ASkM+Q0NCOCxcYGA1KjMpJzUwWTAsMTNdXCUyYFwoJDUzYV4sLC43MVlZMh0tPiw1Kx4qPCk8Ki8aKjwtOygpFy5BMjcoKRotPy00LC4eKUtKSUJQO0teTVBDUTk9VzgYJk9PTT5QO05dQE1DQDoeKUtKSUJQO0teSz9HQDUaLUBQPF5SUEY4GClDUz1WQkpCRkRGPzsbJz9OUFJZPUpJVU49STwvHilPQDtMRlFGVFxTTEc1Gi1PQUREOi8uLDEqMCstLjEdLVBINSweKjxKMDpfXihtZG4sJWVkdB4pTU1IUkRFPF5UQ0Y+R0dDREU4RkJTTEc1Gi1ES1ZRUkxOREU/O29qbGQdLUxATE9QSUFFRlxTTUBKWUI8UUo8Lx4pQ0E+Q1M1KB8sR01aPFNMPEVAQlxDSD5KU05PPTs8Y19mbl0aLT9HTk1JTTs/V05HSD00MC8tKzQnLC4sLCE3NzAsNS0sKEtFFy5BTVFJREk/P1dATzo1LSkqLCwtLC4tLjMt
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422176164.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422176164.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422176164.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsx2.tmp\ccf.dll
- %TEMP%\insHv22.bcbjcabedhbab
- %TEMP%\bcbjcabedhbab.zip
- %TEMP%\insHv22.exe
- %TEMP%\nsx2.tmp\nsisunz.dll
- %TEMP%\81422176164.txt
- %TEMP%\tmp5.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\bcbjcabedhbab.zip
- %TEMP%\insHv22.bcbjcabedhbab
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\insHv22.exe в %TEMP%\bcbjcabedhbab.exe