Техническая информация
- Автозапуск через ключ Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MouseMonitor' = '%APPDATA%\InspectData\ethernetdriver.exe'
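- '<SYSTEM32>\attrib.exe' -s -h %APPDATA%\InspectData (в записи ключи указаны со знаком «-», то есть attrib снимает с каталога атрибуты «системный» и «скрытый»; установке этих атрибутов соответствовал бы знак «+»)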
- %APPDATA%\InspectData\miner.dll
- %APPDATA%\InspectData\mpir.dll
- %APPDATA%\InspectData\displaydrivers.exe
- %APPDATA%\InspectData\coinutil.dll
- Собственный файл: из <Полный путь к вирусу> в %APPDATA%\InspectData\ethernetdriver.exe (на этот же путь указывает параметр 'MouseMonitor' в ключе Run)
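- '19#.#0.57.179':80 (символ «#» в адресах и именах узлов здесь, по-видимому, заменяет скрытые символы; полного адреса на странице нет)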
- 'wp#d':80
- 19#.#0.57.179/sovikat/miner.dll
- 19#.#0.57.179/sovikat/mpir.dll
- 19#.#0.57.179/sovikat/coinutil.dll
- wp#d/wpad.dat
- 19#.#0.57.179/sovikat/coin-miner.exe
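- DNS ASK wp#d (DNS-запрос имени wp#d; вместе с обращением к wp#d/wpad.dat это, по-видимому, штатное автообнаружение прокси WPAD в Windows, а не узел, специфичный для данной программы)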
- ClassName: 'Indicator' WindowName: '(null)'