Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Service2.exe' = '%CommonProgramFiles%\rundll\Service2.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Service2] 'ImagePath' = '"%CommonProgramFiles%\rundll\Service2.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\Service2] 'Start' = '00000002' (значение 2 — автоматический запуск службы при старте системы)
- %CommonProgramFiles%\rundll\SysRunDll.exe
- %CommonProgramFiles%\rundll\Service2.exe
- из %CommonProgramFiles%\rundll\Service2.exe в %CommonProgramFiles%\rundll\Service2.exe
- 'po##.#inexmr.com':4444
- DNS ASK po##.#inexmr.com
- '%CommonProgramFiles%\rundll\SysRunDll.exe' -o stratum+tcp://pool.minexmr.com:4444,5555 -u 45RAGBL5hKaMjJqU9xy39zDVQk4mZpTwAV5ztpz5hZBu2NRp5eBkBZ33s8wABaZS4sJH9qvF32tL7dqBiApw8QVBGFfqU2m.0085ECF35D_8 -p x -t 1 --donate-level=1 --cpu-prio...
- '%CommonProgramFiles%\rundll\Service2.exe'
- '<SYSTEM32>\cmd.exe' /c "%CommonProgramFiles%\rundll\SysRunDll.exe" -o stratum+tcp://pool.minexmr.com:4444,5555 -u 45RAGBL5hKaMjJqU9xy39zDVQk4mZpTwAV5ztpz5hZBu2NRp5eBkBZ33s8wABaZS4sJH9qvF32tL7dqBiApw8QVBGFfqU2m.008...
- '<SYSTEM32>\sc.exe' start "Service2"
- '<SYSTEM32>\cmd.exe' /c sc start "Service2"