Threat Database Rootkits Rootkit.TmpHider


Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 17
First Seen: November 14, 2011
Last Seen: September 27, 2019
OS(es) Affected: Windows

Rootkit.TmpHider is a dangerous rootkit. Rootkit.TmpHider can spread via removable USB drives but it does not have to use autorun.inf files. Rootkit.TmpHider can also enter targeted machines by exploiting the vulnerabilities of lnk-files. On entering a system, Rootkit.TmpHider will inject code into system processes in order to avoid detection and removal by security software.

File System Details

Rootkit.TmpHider may create the following file(s):
# File Name MD5 Detections
1. mrxcls.sys ca9eabeab482524e5797c684398335d5 7
2. mrxcls.sys a143379c449a7da024b203ca80153418 4
3. mrxnet.sys 2e37615e2c960091d94db91dc758376c 4
4. mrxnet.sys acfe00193adb9128f6166640c16bee40 1


Most Viewed