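Техническая информация
Ниже перечислены индикаторы по группам: пути к файлам (первый — ярлык в папке автозагрузки пользователя), параметры окна (ClassName/WindowName) и командные строки процессов. Каталог C:\ProgramData\System32 не является системным каталогом Windows, который в этом списке обозначен как <SYSTEM32>.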
- %HOMEPATH%\Start Menu\Programs\Startup\Explorer.lnk
- C:\ProgramData\System32\ssleay32.dll
- C:\ProgramData\System32\vccorlib110.dll
- C:\ProgramData\System32\Qt5Network.dll
- C:\ProgramData\System32\Qt5WebSockets.dll
- C:\ProgramData\System32\platforms\qwindows.dll
- C:\ProgramData\System32\cudart32_60.dll
- C:\ProgramData\System32\explorer.bat
- C:\ProgramData\System32\cpu.bat
- C:\ProgramData\System32\cpu.vbs
- C:\ProgramData\System32\cock\start.bat
- C:\ProgramData\System32\explorer.vbs
- C:\ProgramData\System32\cock\start.vbs
- C:\ProgramData\System32\cock\miner.exe
- C:\ProgramData\System32\libeay32.dll
- C:\ProgramData\System32\msvcr110.dll
- C:\ProgramData\System32\Qt5Core.dll
- C:\ProgramData\System32\minergate.exe
- C:\ProgramData\System32\msvcp110.dll
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\System32\Explorer.vbs"
- 'C:\ProgramData\System32\cock\miner.exe' -p1337228 -d
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\System32\cock\start.vbs"
- '<SYSTEM32>\tasklist.exe' /FI "ImageName EQ minergate.exe"
- '<SYSTEM32>\find.exe' /I "minergate.exe"
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\System32\cock\start.bat" "
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\System32\explorer.bat" "