Техническая информация
- '%APPDATA%\WorkWindows\svhost.exe' (загружен из сети Интернет)
- '<SYSTEM32>\mmc.exe' /s <SYSTEM32>\eventvwr.msc
- '%APPDATA%\WorkWindows\svhost.exe' -a cryptonight -o stratum+tcp://xmr.pool.minergate.com:45560 -u minersystems@bk.ru -p x
- '%APPDATA%\WorkWindows\dlhost.exe'
- '<SYSTEM32>\eventvwr.exe'
- %APPDATA%\WorkWindows\svhost.exe
- %APPDATA%\WorkWindows\dlhost.exe
- %APPDATA%\WorkWindows\svhost.exe
- %APPDATA%\WorkWindows\dlhost.exe
- 'ro####3m.beget.tech':80
- 'wp#d':80
- http://ro####3m.beget.tech/minerfiles/minerfiles/cpuminer/ThreadSupport.bin
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ro####3m.beget.tech
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''