Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Explorer.lnk (shortcut in the user's Startup folder; items placed there are launched at logon)
- %TEMP%\aut1.tmp
- %TEMP%\file1.exe
- %TEMP%\aut2.tmp
- %TEMP%\file2.exe
- C:\ProgramData\Windows\bk-exel\bk-exel.xlsx
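- C:\ProgramData\Windows\svchost.exe (same file name as the Windows system process, but located outside <SYSTEM32>, where the genuine svchost.exe resides)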
- C:\ProgramData\Windows\config.json
- C:\ProgramData\Windows\cpu.bat
- C:\ProgramData\Windows\cpu.vbs
- C:\ProgramData\Windows\Explorer.bat
- C:\ProgramData\Windows\Explorer.vbs
- C:\ProgramData\Windows\start.cmd
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
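- 'xm#.###l.minergate.com':45700 (host:port; the '#' characters appear to be masking applied in the report, so the full hostname is not shown)
- DNS query: xm#.###l.minergate.com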
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\file1.exe'
- '%TEMP%\file2.exe'
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\Windows\Explorer.vbs"
- 'C:\ProgramData\Windows\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\Windows\cpu.bat" "