Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%APPDATA%\Services.exe'
- <SYSTEM32>\svchost.exe
- %APPDATA%\services.exe
- 'xm#####.nanopool.org':14444
- DNS ASK xm#####.nanopool.org
- '%APPDATA%\services.exe'
- '<SYSTEM32>\svchost.exe' -B --donate-level=5 -a cryptonight --url=xmr-eu1.nanopool.org:14444 -u 44wYdin6TiZUV7HaNoQ7Kz1d6K4as51b8h7K1FnWYkNx2qxUpkfMyiuZMerXCoAVu87Q6k6WiPjPdjiptzguiwGTJ5pNcNd -p -R --variant=-1 --max-...