Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\hwEkkK5ChCbX86i] 'ImagePath' = '%WINDIR%\hwEkkK5ChCbX86i.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\hwEkkK5ChCbX86i] 'Start' = '00000002'
- %WINDIR%\hwEkkK5ChCbX86i.exe
- <Полный путь к файлу>
- '37.##5.56.180':9001
- '46.##1.142.174':9001
- '20#.#3.223.34':80
- '16#.#72.185.132':443
- '88.##0.73.100':443
- 'xm####.dwarfpool.com':8005
- '62.##3.216.177':443
- '17#.#9.62.159':9001
- '10#.#85.28.25':3971
- DNS ASK xm####.dwarfpool.com
- '%WINDIR%\hwEkkK5ChCbX86i.exe'