Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%HOMEPATH%\Services.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\services.exe
- DNS ASK sg.##nexmr.com
- '%HOMEPATH%\services.exe'
- '<SYSTEM32>\svchost.exe' -B --donate-level=5 -a cryptonight --url=sg.minexmr.com:4444 -u 426prfqg5JB7GZmjJbhroXeTsRsWDC9WM7g6JVf6BP7zc8nconFSrDFVdjkTrJUWoZSQZNqtZfp3Yf7TWovRu6Xc8eizeNV -p -R --variant=-1 --max-cpu-usa...