Technical information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '"%APPDATA%\td76jDonD0Lu5W4P\6ud8aL3mOJZB.exe",explorer.exe'
- %APPDATA%\td76jDonD0Lu5W4P\6ud8aL3mOJZB.exe
- %TEMP%\p9R3CLak9zh7qInL\Svchost.exe
- %APPDATA%\td76jDonD0Lu5W4P\6ud8aL3mOJZB.exe
- '%TEMP%\p9R3CLak9zh7qInL\Svchost.exe' --max-cpu-usage=100 -t 5 --donate-level=1 -o pool.supportxmr.com:3333 -u 41jvvNynN4eQDYovnKyEwuc5Q71SyhPTi1iUxMRz8oak9BUeGhuecbfTyykY1PaReo3dBxdxGPvEB8Fj1YJsc2bT2tNSJBf -p test