Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HWMonitor' = '%APPDATA%\chome_exe\chome_min.exe'
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- %APPDATA%\chome_exe\chome_min.exe
- DNS ASK xm######ast1.nanopool.org
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Remove-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' -Name 'HWMonitor';New-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' -Name 'HWMonitor' ...
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe' --donate-level=1 -t 1 -v 0 --cpu-priority=3 -a cn/r -k -o xmr-us-east1.nanopool.org:14444 -u mikigod -p otroyomismo.indet@gmail.com