Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%APPDATA%\Services.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\services.exe
- '10#.#40.201.62':80
- '%APPDATA%\services.exe'
- '%WINDIR%\explorer.exe' -B --donate-level=5 -a cryptonight --url=104.140.201.62:80 -u 4Aotje6mGNPRcDQeqS7iUwRLGJhLLgJvfbS6Dju5peSACbVXTFhnds53xuoqif3JEcfbdjiW27xuAJiiKeiCGbuoACrutNE -p windows -R --variant=-1 --max-cp...