Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%WINDIR%\Microsoft.NET\Framework64\v4.0.30319\WinRing0x64.sys'
- 'WinRing0_1_2_0' %WINDIR%\Microsoft.NET\Framework64\v4.0.30319\WinRing0x64.sys
- %WINDIR%\microsoft.net\framework64\v4.0.30319\addinutil.exe
- %TEMP%\tmp92f0.exe
- 'dr##box.com':443
- 'uc#############a27e55dec78e3.dl.dropboxusercontent.com':443
- 'po##.#inexmr.com':7777
- DNS ASK dr##box.com
- DNS ASK uc#############a27e55dec78e3.dl.dropboxusercontent.com
- DNS ASK po##.#inexmr.com
- '%TEMP%\tmp92f0.exe'
- '%WINDIR%\microsoft.net\framework64\v4.0.30319\addinutil.exe' --donate-level 1 -k -t 1 -o pool.minexmr.com:7777 -u 43YdDQ3g3zG2TXNWSgjXm1F9isntwTEwMSEof6jtpWJpT2i6nobQ3NEdu9vnn9Hgp8MMSc83J39C5DnUgB7mygDCPSDE33y