Technical Information
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%WINDIR%\WinRing0x64.sys'
- 'WinRing0_1_2_0' %WINDIR%\WinRing0x64.sys
- %WINDIR%\explorer.exe
- %APPDATA%\wincfg\libs\ddb64.dll
- %APPDATA%\wincfg\libs\nvrtc-builtins64_101.dll
- %APPDATA%\wincfg\libs\nvrtc64_101_0.dll
- %APPDATA%\wincfg\libs\winring0x64.sys
- 'gu##.##neroocean.stream':10128
- DNS ASK gu##.##neroocean.stream
- '%WINDIR%\explorer.exe' -B --opencl --cuda --coin=monero --url=gulf.moneroocean.stream:10128 --user=47sNwtHp4TM7Y9AgN594WqNdjMzCGfz58NwnCaMuxiKGhEgRXiuJkyzF1pQFgcFuxSX4PDMjzy1q1VxpH9zAuD1B85JhgMu --pass=50MiWalletBitc...