Technical Information
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%APPDATA%\WinCFG\Libs\WinRing0x64.sys'
- 'WinRing0_1_2_0' %APPDATA%\WinCFG\Libs\WinRing0x64.sys
- <SYSTEM32>\svchost.exe
- %APPDATA%\wincfg\libs\winring0x64.sys
- %APPDATA%\wincfg\libs\ddb64.dll
- %APPDATA%\wincfg\libs\nvrtc-builtins64_101.dll
- %APPDATA%\wincfg\libs\nvrtc64_101_0.dll
- 'gu##.##neroocean.stream':80
- DNS ASK gu##.##neroocean.stream
- '<SYSTEM32>\svchost.exe' --opencl --cuda --donate-level=5 -B --coin=monero --url=gulf.moneroocean.stream:80 --user=46k5YqiJQ1a6tMME1XhfqL39qapu9PVZ9ZxT5cdrT2C46r3vzL2Kj3yaQprSGZWbonGUizhWoDqEX3Vxorn1f5jLQsfTXuq --pas...