ttsite / S12URootkit

User Mode Windows Rootkit


S12URootkit

User Mode Windows Rootkit able to hide Processes, Files, Directories, Registry Key, Registry Value.

Undetectable at the moment by Windows Defender and BitDefender Free Version antivirus.

[ ! ] You need Administrator Privileges!

[ ! ] Before running any command that hides a value: if this binary has never been executed on the machine, run UserModeR00tkit.exe once without arguments first.

Features

Process:

  • Hide Processes in Task Manager

Files & Directories:

  • Hide Files & Directories in File Explorer (explorer.exe)

Registry:

  • Hide Registry Keys and Values in regedit.exe
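The features above all describe a user-mode hook that filters what one viewer process (Task Manager, explorer.exe, regedit.exe) gets to display. The defender's counter to that is a cross-view check: enumerate the same objects from several independent vantage points and flag anything that one view lacks. The script below is an added example, not code from the S12URootkit repository; the function names and parameters are ours. It assumes the hook lives only in the viewer processes named on the page, so enumerations done from PowerShell, the WMI service, tasklist.exe, cmd.exe and reg.exe still return the full set.

```powershell
# Added example (not part of S12URootkit): cross-view detection of processes, directory
# entries and registry values that a user-mode hook hides from a single viewer process.
# Run from an elevated PowerShell session. All function names here are ours.

function Get-ViewDifferences {
    # Takes a hashtable of view-name -> string[] and reports every item that at least one
    # view is missing; that is the signature of a filtered enumeration.
    param([Parameter(Mandatory)] [hashtable] $Views)
    $all = @($Views.Values | ForEach-Object { $_ }) | Sort-Object -Unique
    foreach ($item in $all) {
        $missing = @($Views.Keys | Where-Object { $Views[$_] -notcontains $item })
        if ($missing.Count -gt 0) {
            [pscustomobject]@{ Item = $item; MissingFrom = ($missing -join ', ') }
        }
    }
}

function Compare-ProcessViews {
    # Three enumerations that do not share a process with Task Manager: in-process .NET,
    # the WMI service (Win32_Process) and a fresh tasklist.exe.
    $dotnet   = @(Get-Process | ForEach-Object { "$($_.Id)" })
    $cim      = @(Get-CimInstance Win32_Process | ForEach-Object { "$($_.ProcessId)" })
    $tasklist = @(tasklist /FO CSV /NH |
                  ConvertFrom-Csv -Header Name, ProcId, Session, SessNo, Mem |
                  ForEach-Object { "$([int]$_.ProcId)" })
    Get-ViewDifferences -Views @{ DotNet = $dotnet; CIM = $cim; Tasklist = $tasklist }
}

function Compare-DirectoryViews {
    # The PowerShell provider runs in this process; dir runs in a separate cmd.exe.
    param([Parameter(Mandatory)] [string] $Path)
    $ps  = @(Get-ChildItem -LiteralPath $Path -Force | ForEach-Object { $_.Name })
    $cmd = @(cmd.exe /c "dir /a /b `"$Path`"")
    Get-ViewDifferences -Views @{ PowerShell = $ps; Cmd = $cmd }
}

function Compare-RegistryViews {
    # $KeyPath in provider form, e.g. 'HKLM:\SOFTWARE\Example'. reg.exe prints each value
    # as "    <name>    REG_<type>    <data>"; the default value is shown as "(Default)".
    param([Parameter(Mandatory)] [string] $KeyPath)
    $ps = @((Get-Item -LiteralPath $KeyPath).GetValueNames() |
            ForEach-Object { if ($_ -eq '') { '(Default)' } else { $_ } })
    $native = $KeyPath -replace '^HKLM:\\', 'HKLM\' -replace '^HKCU:\\', 'HKCU\'
    $reg = @(reg.exe query $native |
             ForEach-Object { if ($_ -match '^\s{4}(.+?)\s{4}REG_') { $Matches[1] } })
    Get-ViewDifferences -Views @{ PowerShell = $ps; RegExe = $reg }
}

# Example sweep; the directory and key are placeholders for whatever you want to audit.
Compare-ProcessViews
Compare-DirectoryViews -Path 'C:\Users\Public\Music'
Compare-RegistryViews -KeyPath 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
```

Processes that start or exit between the three snapshots show up as one-off differences, so rerun before treating a PID as a finding. A hook injected into every process on the host would make all of these views agree; in that case the comparison baseline has to come from outside the running system, for example a directory listing or registry hive read from a mounted disk image.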


Commands

Process:

  • rootkit.exe process hide processname.exe

Path:

  • rootkit.exe path hide C:\Users\Public\Music

Registry:

  • rootkit.exe registry hide valuetohide


Detection

Evade Windows Defender:

  • Static Analysis:

[screenshot]

  • Execution/Dynamic Analysis:

Not detected at execution time! (4/1/2024)

Evade Classic AV (BitDefender Free Version):

  • Static Analysis:

[screenshot]

  • Execution/Dynamic Analysis:

Not detected at execution time! (4/1/2024)

Languages

C++ 86.3%, C 13.7%