Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Runme.vbs.lnk
- '%APPDATA%\setx.exe' -o http://Ze############ade:1231@eu1.triplemining.com:8344 -g no -t 2 -T 45
- '%APPDATA%\setx.exe' -o http://Ze############ade:1231@eu1.triplemining.com:8344 -g yes -t 2 -T 45
- '<SYSTEM32>\wscript.exe' "%APPDATA%\Runme.vbs"
- ClassName: 'OLLYDBG' WindowName: ''
- %APPDATA%\setx.exe
- %APPDATA%\Runme.vbs
- 'eu#.###plemining.com':8344
- DNS ASK eu#.###plemining.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''