Техническая информация
- %PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\winlogon.exe
- %WINDIR%\temp\csrss.exe
- %PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\csrss.exe
- %PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\winlogon.exe
- %PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\csrss.exe
- 'localhost':8005
- 'localhost':49172
- 'xm#.###l.minergate.com':45560
- DNS ASK xm#.###l.minergate.com
- DNS ASK fc#####.pool.minergate.com
- DNS ASK mc#####.pool.minergate.com
- DNS ASK mr#.###l.minergate.com
- DNS ASK mi##.#oneropool.com
- DNS ASK xm#.##shinvest.net
- DNS ASK xm####.dwarfpool.com
- DNS ASK xm#####.dwarfpool.com
- DNS ASK er####.dwarfpool.com
- ClassName: 'MS_WINHELP' WindowName: ''
- '%PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\winlogon.exe'
- '%PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\csrss.exe' -L 98 -c 1 -M stratum+tcp://mining198908%40gmail.com:x@xmr.pool.minergate.com:45560/xmr -t 2
- '%PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\winlogon.exe' ' (со скрытым окном)
- '%PROGRAMDATA%\{5caf4c37924a4d663dbff6c95cd512a3_0}\csrss.exe' -L 98 -c 1 -M stratum+tcp://mining198908%40gmail.com:x@xmr.pool.minergate.com:45560/xmr -t 2' (со скрытым окном)