Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Runme.vbs.lnk
- '%APPDATA%\setx.exe' -o http://Ze############ade:1231@eu1.triplemining.com:8344 -g no -t 2 -T 45
- '%APPDATA%\setx.exe' -o http://bu##########1234@eu1.triplemining.com:8344 -g yes -t 2 -T 45
- '<SYSTEM32>\wscript.exe' "%APPDATA%\Runme.vbs"
- %APPDATA%\btc.il
- %APPDATA%\coinutil.dll
- %APPDATA%\setx.exe
- %APPDATA%\phatk.cl
- %APPDATA%\usft_ext.dll
- %APPDATA%\miner.dll
- %APPDATA%\phatk.ptx
- %APPDATA%\Runme.vbs
- 'eu#.###plemining.com':8344
- DNS ASK eu#.###plemining.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''