Техническая информация
- '%TEMP%\bedchgafdd.exe' 1/7/0/8/3/4/0/3/2/8/1 LklJPDotOS8zKx8uTFU6TUVEOi4YLk0+VE9MTktGQjUwHyhEQVBQSUE7KjQzLzQYLD9JQTsoHy5JUkdBUUNRXUFDPCs0LjIvICxRPVFVPlJXUk5MOmZsc28zLydwbnYrQj1SSiZUR00pQU1OJkhNP08YLD9MRkFDSEM2ICdBLT0qLxguQys9JS4cL0ExNSwwGS88MTktLh4nQzQ2LSkdK1BPTTxUQk1fSE9FVj5BUTwfKFBKTEBVQFJXRFRFQTUdK1BPTTxUQk1fRj5JRTpOSk5DTkNMXEpBSkMYLkRRRVdSTkw6U0pLXj9PSlw/QU9QQURRWEVQQhwvQlY9XkJGRERGSkU6HidHTkxUVz9OT1RRPVE8KyAnUURBS0lRTlRYVUpJOSAsVEU8MRkvPFAtPV5qbmgxGS9KUkpURks9XlY+TDtMSUVGSzlGRE5SRDocL0ZRV1FUR1RBSkE9cXBtZB8oUj1RUVJLR0ZGXk5TPU9bRD5XSzwxGS9ARkBFVTspHy5CU1dBVU4+S0FCXj5OO09VUFFDPDxlWmxrYhwvQU1PTUtIQTxcRVA6Lyg3LSs4JjItLi4vGC5TQk09Oi00MDAvNjExMSodK0RMVUZLTjpEV1FFTUI7LS4xMS8qLS01Jy8qOTEvOi0vJkFK
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81433049665.txt bios get version
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81433049665.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81433049665.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsa2.tmp\mnwskqa.dll
- %TEMP%\bedchgafdd.fcicabfbddcd
- %TEMP%\fcicabfbddcd.zip
- %TEMP%\bedchgafdd.exe
- %TEMP%\nsa2.tmp\ZipDLL.dll
- %TEMP%\tmp5.tmp
- %TEMP%\81433049665.txt
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- ClassName: '#32770' WindowName: ''