Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost.exe' = '%TEMP%\svchost.exe'
- <SYSTEM32>\nslookup.exe
- %TEMP%\svchost.exe
- %APPDATA%\microsoft\inc\sihost32.exe
- '%APPDATA%\microsoft\inc\sihost32.exe'
- '%TEMP%\svchost.exe'
- '<SYSTEM32>\nslookup.exe' --response-timeout=30 --farm-retries=30 --pool stratum://0x4a82b262BbF466b9F3f946C226CB8A672cFC2F9d.gooixbuxpn@us1.ethermine.org:4444 --unam-stealth