Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%APPDATA%\Services.exe'
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %APPDATA%\services.exe
- %APPDATA%\services.exe
- DNS ASK mi##xmr.com
- '%APPDATA%\services.exe'
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe' -B --donate-level=0 -t 1 -a cryptonight --url=minexmr.com:4444 -u xxx -p x -R --variant=-1 --max-cpu-usage=50