Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ltBzolje2xV9I81] 'ImagePath' = '%WINDIR%\ltBzolje2xV9I81.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\ltBzolje2xV9I81] 'Start' = '00000002'
- %WINDIR%\ltBzolje2xV9I81.exe
- '20#.#3.223.34':80
- 'xm####.dwarfpool.com':8005
- '46.##3.218.199':9001
- '88.##0.73.100':443
- DNS ASK xm####.dwarfpool.com
- '%WINDIR%\ltBzolje2xV9I81.exe'