Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\wuT.exe
- %TEMP%\aaa\mamatije2.exe -a 59 -o http://b.####nil.biz:8332/ -u mrdd_mrdd -p mama1 -t 2
- %TEMP%\aaa\hsbca.exe /NOCONSOLE %TEMP%\aaa\3kal.cmd
- %HOMEPATH%\Start Menu\Programs\Startup\wuT.exe
- <SYSTEM32>\taskkill.exe /f /im svchoost.exe
- <SYSTEM32>\taskkill.exe /f /im mamatije.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\aaa\3kal.cmd
- <SYSTEM32>\taskkill.exe /f /im cgminer.exe
- %TEMP%\aaa\mamatije2.exe
- %TEMP%\aaa\3kal.cmd
- %TEMP%\aaa\hsbca.exe
- 'b.###inil.biz':8332
- DNS ASK b.###inil.biz
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''