Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Driver' = '%APPDATA%\Sysfiles\<File name>.exe'
- %APPDATA%\microsoft\windows\start menu\programs\startup\driver.url
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%APPDATA%\Sysfiles\WinRing0x64.sys'
- 'WinRing0_1_2_0' %APPDATA%\Sysfiles\WinRing0x64.sys
- %APPDATA%\sysfiles\driver.exe
- from <Full path to file> to %APPDATA%\sysfiles\<File name>.exe
- 'po##.#ashvault.pro':3333
- DNS ASK po##.#ashvault.pro
- '%APPDATA%\sysfiles\driver.exe' -o pool.hashvault.pro:3333 -u 44ccgwDYNPC86Q7aTHDMbVSibvK25q6vBSX5o69Dy5LqDbvS6XQ5Ch3aE9epxm96jASDRyKFXquYkJoE5yXiHrKD9i4brJa -p x -k -v=0 --donate-level=1 -t 1
- '%APPDATA%\sysfiles\driver.exe' -o pool.hashvault.pro:3333 -u 44ccgwDYNPC86Q7aTHDMbVSibvK25q6vBSX5o69Dy5LqDbvS6XQ5Ch3aE9epxm96jASDRyKFXquYkJoE5yXiHrKD9i4brJa -p x -k -v=0 --donate-level=1 -t 1 (with hidden window)