Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wxd11dxawzsa.exe' = '%TEMP%\wxd11dxawzsa.exe'
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '<SYSTEM32>\WinRing0x64.sys'
- 'WinRing0_1_2_0' <SYSTEM32>\WinRing0x64.sys
- <SYSTEM32>\svchost.exe
- %TEMP%\wxd11dxawzsa.exe
- 'xm#.###l.minergate.com':45700
- DNS ASK xm#.###l.minergate.com
- '%TEMP%\wxd11dxawzsa.exe'
- '<SYSTEM32>\svchost.exe' -B --donate-level=1 -a RandomX --url=stratum+tcp://xmr.pool.minergate.com:45700 -u userminersxmr@gmail.com -p x -R --variant=-1 --max-cpu-usage=40