Technical Information
- '%APPDATA%\Folder\File.exe'
- '<SYSTEM32>\svchost.exe' -a cryptonight -o stratum+tcp://pool.minexmr.com:4444 -u 45Q7a5wMbxKhwbpukFncr2MakewfBujiegsHZHS8mcvSZEahsn19v1bWbwaVe4vUMveKAzAiA4j8xgUi29TpKXpm3wp7mJw -p x -t 2
- '<SYSTEM32>\reg.exe'
- <SYSTEM32>\reg.exe
- <SYSTEM32>\svchost.exe
- %APPDATA%\Folder\File.exe