Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bcd.exe' = '"<LS_APPDATA>\Microsoft\Windows\bcd.exe'
- <Current directory>\bcm.exe (downloaded from the Internet) -g yes -o http://ep##########nter1:123@nl.btcguild.com:8332
- <Current directory>\bcm.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\bitcoin-miner[1].exe
- <LS_APPDATA>\Microsoft\Windows\bcd.exe
- 'uf##oft.com':80
- 'localhost':1037
- uf##oft.com/files/open/bitcoin-miner.exe
- DNS ASK uf##oft.com
- ClassName: 'Indicator' WindowName: ''