Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'ADSL Dial' = '<Full path to file>'
- %APPDATA%\Microsoft\Protect\CREDHIST
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\ec702f375e1b12d218f67ab9ef19ca23_23ef5514-3059-436f-a4a7-4cefaab20eb1
- <Full path to file>
- from <Full path to file> to %TEMP%\[9f66b2cda4e20585307c41ebf9a87e7f]
- <Full path to file>
- '11#.#96.117.200':574
- '11#.#96.117.200':8888
- '<SYSTEM32>\cmd.exe' /c %TEMP%\DellDriver\aIg.exe --donate-level 1 --max-cpu-usage 10 --cpu-priority 5 -o jw-js1.ppxxmr.com:5555 -u 49D8xAUpYdAJhEFvuHqFVL4CWPugu3sivKWb15mTQvss87Dq74S7kXgJ8Q1cJ63XW4iWUGkvdh4udfS6nn...