Technical Information
- %WINDIR%\Tasks\xbooster.job
- '%WINDIR%\shdccsdhj.exe' -o stratum+tcp://xmr-eu1.nanopool.org:14444 -u 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRwhkbK2uwRj8snedXv/5 -p x
- '%WINDIR%\shdccsdhj.exe' (downloaded from the Internet)
- %WINDIR%\shdccsdhj.exe
- 's3######st-2.amazonaws.com':80
- 'localhost':1038
- http://s3######st-2.amazonaws.com/zminer/NsCpuCNMiner32.exe
- DNS ASK s3######st-2.amazonaws.com