Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%TEMP%\Services.exe'
- %WINDIR%\explorer.exe
- %TEMP%\e653d73e45833b6c
- %TEMP%\services.exe
- 'xm#.#miners.com':2222
- 'xm#.#miners.com':2222
- DNS ASK xm#.#miners.com
- '%TEMP%\services.exe'
- '%WINDIR%\explorer.exe' -B --donate-level=1 -a cryptonight --url=xmr.2miners.com:2222 -u 8BbApiMBHsPVKkLEP4rVbST6CnSb3LW2gXygngCi5MGiBuwAFh6bFEzT3UTufiCehFK7fNvAjs5Tv6BKYa6w8hwaSjnsg2N -p x -R --variant=-1 -t 1 --max-...