Техническая информация
- Автозапуск через ключ реестра Run: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinActivate' = '%ALLUSERSPROFILE%\Documents\cpu\load.exe'
- Запуск процесса: '%ALLUSERSPROFILE%\Documents\cpu\unzip.exe' -oqq cpuminer.zip
- Запуск процесса: '%ALLUSERSPROFILE%\Documents\cpu\unzip.exe' (загружен из сети Интернет)
- %ALLUSERSPROFILE%\Documents\cpu\unzip.exe
- %ALLUSERSPROFILE%\Documents\cpu\cpuminer.zip
- %TEMP%\aut1.tmp
- %ALLUSERSPROFILE%\Documents\cpu\load.exe
- %TEMP%\aut1.tmp
- Подключение к узлу: 'xm####4.comli.com':80
- Запрос по URL: xm####4.comli.com/cpuminer.zip
- Запрос по URL: xm####4.comli.com/unzip.rav
- DNS-запрос (DNS ASK): xm####4.comli.com
- Окно: ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)