User-mode Windows rootkit able to hide processes, files, directories, registry keys and registry values.
Undetectable at the moment by Windows Defender and BitDefender Free Version antivirus.
[ ! ] You need Administrator Privileges!
[ ! ] Before running any command to hide a value: if this binary has never been executed on the victim machine, first run UserModeR00tkit.exe once without any command arguments.
Process:
- Hide Processes in Task Manager
Files & Directories:
- Hide Files & Directories in File Explorer (explorer.exe)
Registry:
- Hide registry keys and values in regedit.exe
Process:
- rootkit.exe process hide processname.exe
Path:
- rootkit.exe path hide C:\Users\Public\Music
Registry:
- rootkit.exe registry hide valuetohide
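The three hide commands above act on what specific viewer processes (Task Manager, explorer.exe, regedit.exe) display; a user-mode hook in one viewer does not change what a separate, un-hooked enumerator reports. The following PowerShell script is an added detection example, not part of this project, that applies that cross-view principle: it compares several independent process, directory and registry listings and reports entries that one view shows but another does not. The function names `Get-ProcessCrossView`, `Get-DirectoryCrossView` and `Get-RegistryValueCrossView` are hypothetical, and the script assumes it is run from an elevated PowerShell session that has not itself been hooked.

```powershell
# Added cross-view detection example (not part of the rootkit project).
# Assumption: the rootkit hides objects by hooking enumeration APIs inside
# particular viewer processes, so independent enumerators still see them.
# Run from an elevated PowerShell console.

function Get-ProcessCrossView {
    # View 1: Get-Process (.NET process enumeration)
    $viaGetProcess = @(Get-Process | ForEach-Object { $_.Id })
    # View 2: the WMI/CIM Win32_Process provider
    $viaCim = @(Get-CimInstance Win32_Process | ForEach-Object { [int]$_.ProcessId })
    # View 3: tasklist.exe, parsed from its CSV output (no header row with /NH)
    $viaTasklist = @(tasklist.exe /FO CSV /NH |
        ConvertFrom-Csv -Header 'ImageName','ProcId','Session','SessionNum','Mem' |
        ForEach-Object { [int]$_.ProcId })

    # Union of every PID seen by any view; report PIDs missing from at least one view.
    # Note: $pid is a PowerShell automatic variable, so $procId is used instead.
    $all = ($viaGetProcess + $viaCim + $viaTasklist) | Sort-Object -Unique
    foreach ($procId in $all) {
        $inGetProcess = $viaGetProcess -contains $procId
        $inCim        = $viaCim -contains $procId
        $inTasklist   = $viaTasklist -contains $procId
        if (-not ($inGetProcess -and $inCim -and $inTasklist)) {
            [pscustomobject]@{
                ProcessId  = $procId
                GetProcess = $inGetProcess
                Cim        = $inCim
                Tasklist   = $inTasklist
            }
        }
    }
}

function Get-DirectoryCrossView([string]$Path) {
    # View 1: PowerShell's provider listing, including hidden/system entries
    $viaPs = @(Get-ChildItem -LiteralPath $Path -Force -Name)
    # View 2: cmd.exe's dir, bare names, all attributes
    $viaCmd = @(cmd.exe /c "dir /a /b `"$Path`"")
    # Any output here is an entry that one enumerator shows and the other does not
    Compare-Object -ReferenceObject $viaPs -DifferenceObject $viaCmd
}

function Get-RegistryValueCrossView([string]$KeyPath) {
    # $KeyPath uses reg.exe syntax, e.g. 'HKCU\Software\Example'
    $psPath = $KeyPath -replace '^HKLM\\', 'HKLM:\' -replace '^HKCU\\', 'HKCU:\'
    # View 1: .NET registry API; the unnamed default value is reported as ''
    $viaPs = @((Get-Item -LiteralPath $psPath).GetValueNames() |
        ForEach-Object { if ($_ -eq '') { '(Default)' } else { $_ } })
    # View 2: reg.exe query; value lines look like "    Name    REG_SZ    data"
    $viaReg = @(reg.exe query $KeyPath | ForEach-Object {
        if ($_ -match '^\s{4}(.+?)\s{4}REG_\w+') { $Matches[1] }
    })
    Compare-Object -ReferenceObject $viaPs -DifferenceObject $viaReg
}

# Usage: run each check and investigate every reported discrepancy.
Get-ProcessCrossView | Format-Table -AutoSize
Get-DirectoryCrossView -Path 'C:\Users\Public\Music'
Get-RegistryValueCrossView -KeyPath 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run'
```

Processes that start or exit between the three snapshots also show up as discrepancies, so a PID reported by `Get-ProcessCrossView` should be re-checked on a second run before it is treated as hidden; a name that is consistently present in `Compare-Object` output for a directory or key is the stronger signal, since file and registry listings do not churn the same way.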
Evade Windows Defender:
- Static Analysis:
- Execution/Dynamic Analysis:
Not detected at execution time! (4/1/2024)
Evade Classic AV (BitDefender Free Version):
- Static Analysis:
- Execution/Dynamic Analysis:
Not detected at execution time! (4/1/2024)