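Техническая информация
(символы «#» в адресах и параметрах, по-видимому, скрывают часть значения; такие записи не являются точными индикаторами и не годятся для прямого сопоставления)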
- Автозапуск (раздел Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RegMonitor' = '%APPDATA%\BotMiner_winx.exe'
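- Командная строка процесса (в URL после -o указаны учётные данные вида логин:пароль и адрес хоста с портом): '%APPDATA%\rgm32_winx.exe' -t 2 -g yes -o http://de############ntelo:bitcoin@mint.bitminter.com:8332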
- %APPDATA%\rgm32_winx.exe
- %APPDATA%\BotMiner_winx.exe
- %APPDATA%\BotMiner_winx.exe
- %APPDATA%\rgm32_winx.exe
- 'mi##.#itminter.com':8332
- 'de##anel.tk':80
- 'wp#d':80
- de##anel.tk/CreeperVersion.txt
- de##anel.tk/creeperuser.php?us########################
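- wp#d/wpad.dat (запрос файла wpad.dat характерен для автообнаружения прокси в Windows и сам по себе может не быть признаком заражения)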
- DNS ASK mi##.#itminter.com
- DNS ASK de##anel.tk
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: '(null)'