Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Update' = '%LOCALAPPDATA%\Microsoft\Update\svchost.exe'
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '<Current directory>\WinRing0x64.sys'
- 'WinRing0_1_2_0' <Current directory>\WinRing0x64.sys
- <Current directory>\msascuil.exe
- from <Full path to file> to %LOCALAPPDATA%\microsoft\update\svchost.exe
- 'ra#.####ubusercontent.com':443
- '62.##9.19.55':3333
- DNS ASK ra#.####ubusercontent.com
- '<Current directory>\msascuil.exe' --max-cpu-usage=50 -a rx/0 --donate-level=0 -o stratum+tcp://62.109.19.55:3333 -u stelsminer -p x --background