Technical Information
- [<HKLM>\System\CurrentControlSet\Services\WinRing0_1_2_0] 'ImagePath' = '%APPDATA%\WinCFG\Libs\WinRing0x64.sys'
- 'WinRing0_1_2_0' %APPDATA%\WinCFG\Libs\WinRing0x64.sys
- %WINDIR%\explorer.exe
- %APPDATA%\wincfg\libs\winring0x64.sys
- %APPDATA%\wincfg\libs\ddb64.dll
- %APPDATA%\wincfg\libs\nvrtc-builtins64_101.dll
- %APPDATA%\wincfg\libs\nvrtc64_101_0.dll
- 'po##.#upportxmr.com':3333
- DNS ASK po##.#upportxmr.com
- '%WINDIR%\explorer.exe' --opencl --cuda --donate-level=4 -B --coin=monero --url=pool.supportxmr.com:3333 --user=46gTgwMVt3466hE8PFq72WY7Fir7nJ9HsBcqLVWa7eMJe89NUvCRXKaQ2etR4cpybqABM2hpUAzgJMgZyaJTFpZy2a4ErQ8 --pass=...