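Техническая информация
(Заголовки подразделов в этой копии не сохранились; ниже подряд перечислены записи реестра, служба, пути к файлам, сетевые обращения и командные строки процессов.)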
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'lolupdate.exe' = '%APPDATA%\lolupdate.exe'
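- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%APPDATA%\WinCFG\Libs\WinRing0x64.sys'
- 'WinRing0_1_2_0' %APPDATA%\WinCFG\Libs\WinRing0x64.sys
  (Примечание: служба WinRing0_1_2_0, судя по расширению .sys, регистрирует драйвер, образ которого лежит в %APPDATA%, то есть в профиле пользователя. Такое значение ImagePath нетипично для драйверов и может служить признаком для обнаружения.)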
- <SYSTEM32>\svchost.exe
- %APPDATA%\lolupdate.exe
- %APPDATA%\wincfg\libs\winring0x64.sys
- %APPDATA%\wincfg\libs\ddb64.dll
- %APPDATA%\wincfg\libs\nvrtc-builtins64_101.dll
- %APPDATA%\wincfg\libs\nvrtc64_101_0.dll
- %WINDIR%\temp\udd1a72.tmp
- %WINDIR%\temp\udd1a72.tmp
- 'gu##.##neroocean.stream':10128
- DNS ASK gu##.##neroocean.stream
- '%APPDATA%\lolupdate.exe'
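- '<SYSTEM32>\svchost.exe' --opencl --cuda --donate-level=4 -B --coin=monero --url=gulf.moneroocean.stream:10128 --user=491AFfs2Fhj9c1AXyinqpn5TJTAb5JqAC1G1WAjKfTj8KAeuFHHP3USSVvFLFnw132LwCzVgfxNDmaWfXPyXDyBj4yVW3Vv --...
  (Примечание: под именем системного процесса svchost.exe запускается майнер Monero. Параметры --coin, --url, --user и --donate-level, по-видимому, относятся к XMRig-совместимому майнеру. Штатный svchost.exe запускается с ключом -k и именем группы служб, поэтому такая командная строка сама по себе является признаком компрометации.)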