Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services.exe' = '%TEMP%\Services.exe'
- %WINDIR%\explorer.exe
- %TEMP%\services.exe
- 'xm######est1.nanopool.org':3333
- DNS ASK xm######est1.nanopool.org
- '%TEMP%\services.exe'
- '%WINDIR%\explorer.exe' -B --donate-level=1 -a cryptonight --url=xmr-us-west1.nanopool.org -u 43TyT97ZmoCeN5XJZuWB7gVRuXVNBZ3ZReAVUCqjSKHXhTimggLxPLRUqN2MPShCNzeGD3uU5Q6SxVq94a5sL8gq3FYQGyt -p -R --variant=-1 -t 1 --...