Threat Database Backdoors Backdoor.Hikit

Backdoor.Hikit

By Domesticus in Backdoors

Backdoor.Hikit is a Trojan that opens a backdoor on the infected machine. When Backdoor.Hikit is executed, it may drop several malevolent files. Backdoor.Hikit uses a non-trusted certificate for loading the driver. Backdoor.Hikit may also modify the Windows registry so that it can run automatically every time you start Windows. Backdoor.Hikit enables cybercriminals to obtain remote access and control over the affected computer in order to execute harmful activities.

SpyHunter Detects & Remove Backdoor.Hikit

File System Details

Backdoor.Hikit may create the following file(s):
# File Name MD5 Detections
1. %System%\drivers\W7fw.sys
2. %Temp%\w7fw.sys
3. %Temp%\w7fw.inf
4. %Temp%\w7fw.cat
5. %Temp%\w7fw_m.inf
6. oci.dll d3fb2b78fd7815878a70eac35f2945df 0
7. file.exe 4759ec5c0a3723a44042a9a96ece3632 0

Registry Details

Backdoor.Hikit may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Driver Signing\"Policy" = "00"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Non-Driver Signing\"Policy" = "00"
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\AuthRoot\Certificates\[HEXADECIMAL VALUE]\"Blob" = "[BINARY DATA]"

Trending

Most Viewed

Loading...