Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUp' = '%APPDATA%\dev-poin.exe'
- '%APPDATA%\dev-poin.exe' -a 15 -t 1 -g no -o http://fu######.###ker:furthers@rr.btcmp.com:8332 -u furthers.worker -p furthers
- %TEMP%\aut1.tmp
- %APPDATA%\dev-poin.exe
- %APPDATA%\dev-poin.exe
- %TEMP%\aut1.tmp
- 'rr.##cmp.com':8332
- DNS ASK rr.##cmp.com
- ClassName: 'Indicator' WindowName: '(null)'