Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdate' = '%APPDATA%\msregvs.exe'
- <SYSTEM32>\svchost.exe
- %APPDATA%\msregvs.exe
- %APPDATA%\msregvs.exe
- '<SYSTEM32>\svchost.exe' --max-cpu-usage=70 -o pool.minexmr.com:4444 -u 4AJeEqfAN2hNvJJo8inYi2Va86YmzxvYo4k5Dm8LNZgBi5DeaMrsUqvGKK8etQzCsLLYZo2oFBjbEC93b2abzrJR9jhSF5a -k --retries=99 --threads=3 -p x
- '<SYSTEM32>\svchost.exe' --max-cpu-usage=100 -o pool.minexmr.com:4444 -u 4AJeEqfAN2hNvJJo8inYi2Va86YmzxvYo4k5Dm8LNZgBi5DeaMrsUqvGKK8etQzCsLLYZo2oFBjbEC93b2abzrJR9jhSF5a -k --retries=99 -p x