Technical Information
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%APPDATA%\Google\Libs\WR64.sys'
- 'WinRing0_1_2_0' %APPDATA%\Google\Libs\WR64.sys
- %WINDIR%\explorer.exe
- %APPDATA%\google\libs\wr64.sys
- 'xm#####a1.nanopool.org':14433
- 'xm#####a1.nanopool.org':14433
- DNS ASK xm#####a1.nanopool.org
- '%WINDIR%\explorer.exe' bkezryepvlwfqk0 6E3sjfZq2rJQaxvLPmXgsJYtw2VUkMahuYBm2iexRUE6xRkMbTdn/6Fo2rWbeKxwpEu6qQGCZ8p/yDFOBhk/GcaNYc9hIHtVRMkGHwy6yW1ciOqV5RG99k5ZneHDBjOcFJnmtUQVTaMHof/zi1CE1Lvu5wYxsqJWqtTaOB0OzQ19u27+f...