Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cxz' = '%TEMP%\cxz.exe'
- %TEMP%\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bitcoin-miner[1].exe
- %TEMP%\svchost.exe
- %TEMP%\cxz.exe
- 'ap#.cld.me':80
- ap#.cld.me/FoX8/download/bitcoin-miner.exe
- DNS ASK ap#.cld.me
- ClassName: 'Indicator' WindowName: ''