Trojan: Win32/Hidebaid.B

By GoldSparrow in Trojans

Threat Scorecard

Popularity Rank:	16,627
Threat Level:	80 % (High)
Infected Computers:	33,785

First Seen:	March 7, 2016
Last Seen:	January 18, 2026
OS(es) Affected:	Windows

The Trojan: Win32/Hidebaid.B detection is used by security vendors to specify a backdoor Trojan from the HideBaid family of threats. Security alerts about Trojan: Win32/Hidebaid.B are a reason to suspect infection with a variant of the HideBaid Backdoor Trojan. The Trojan: Win32/Hidebaid.B may install its files in the Temp directory and make modifications to the Windows Registry values to run every time the users turn on their PCs. Most versions of the Hidebaid Backdoor Trojan are less than 80KB in size and may later the properties of your shortcuts on the desktop to enable additional program parameters. Security researchers speculate that the variants of Trojan: Win32/Hidebaid are made by Chinese coders and may be dispersed among PC users via spam mail and malvertising. There are samples of Trojan: Win32/Hidebaid.B that are made to look like readers for presentations and images that suggest an effort to spread the threat globally.

The Trojan: Win32/Hidebaid.B is written in the C++ programming language and may connect to the Internet to download and install external plug-ins that would allow it to hide its activities and expand its functionality. As stated above the Trojan: Win32/Hidebaid.B is a Backdoor Trojan that might open ports to your computer system and allow remote code execution and data manipulation. Trojan: Win32/Hidebaid is a severe threat that has many variants to avoid detection and is designed to bypass basic protection mechanisms. The Trojan: Win32/Hidebaid may use executable DLLs to maintain its operations and work under the radar of most AV engines. The Trojan: Win32/Hidebaid may hide itself as a separate thread under the Svchost.exe host process in Windows Task Manager. Computer users need to install a reliable anti-malware instrument to find and delete the files associated with the Trojan: Win32/Hidebaid.B malware.

Table of Contents

SpyHunter Detects & Remove Trojan: Win32/Hidebaid.B

File System Details

Trojan: Win32/Hidebaid.B may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	UUC0789.exe	a76f1aa166ec99fbb9a635167e63633b	3,841
Name: UUC0789.exe MD5: a76f1aa166ec99fbb9a635167e63633b Size: 69.63 KB (69632 bytes) Detections: 3,841 Type: Executable File Path: C:\Program Files (x86)\UCBrowser\Application\UUC0789.exe Group: Malware file Last Updated: January 18, 2026
2.	setup.exe	bbefd2754df5ffed516a4e1624d4ae77	2,394
Name: setup.exe MD5: bbefd2754df5ffed516a4e1624d4ae77 Size: 3.48 MB (3484160 bytes) Detections: 2,394 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 5, 2019
3.	ppt.exe	a985e8960e91c56015f311083007f9d4	1,840
Name: ppt.exe MD5: a985e8960e91c56015f311083007f9d4 Size: 524.28 KB (524288 bytes) Detections: 1,840 Type: Executable File Path: C:\Program Files (x86)\ppt\ppt.exe Group: Malware file Last Updated: May 24, 2022
4.	Rs.exe	0afcd87b9a9b5b3a9441e3ea1e7ff8bc	1,118
Name: Rs.exe MD5: 0afcd87b9a9b5b3a9441e3ea1e7ff8bc Size: 188.41 KB (188416 bytes) Detections: 1,118 Type: Executable File Path: C:\Program Files (x86)\Intel\Rs.exe Group: Malware file Last Updated: August 7, 2022
5.	bd.exe	b471ad32e0d4e92a60234b60558e094f	1,002
Name: bd.exe MD5: b471ad32e0d4e92a60234b60558e094f Size: 95.23 KB (95232 bytes) Detections: 1,002 Type: Executable File Path: %APPDATA%\et\445 Group: Malware file Last Updated: December 1, 2023
6.	3.exe	f41b2e826cbfdd89d24a0257afe7390c	112
Name: 3.exe MD5: f41b2e826cbfdd89d24a0257afe7390c Size: 3.07 MB (3076608 bytes) Detections: 112 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: April 1, 2020
7.	pps-qq-19.exe	b269efdd591492b2036d0c1535693151	58
Name: pps-qq-19.exe MD5: b269efdd591492b2036d0c1535693151 Size: 3.69 MB (3695616 bytes) Detections: 58 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: April 30, 2016
8.	win.exe	005ba23ecd999903ac5ddf2cd1593bc0	56
Name: win.exe MD5: 005ba23ecd999903ac5ddf2cd1593bc0 Size: 188.41 KB (188416 bytes) Detections: 56 Type: Executable File Path: C:\Program Files\Tencent\win.exe Group: Malware file Last Updated: October 22, 2021
9.	uc.exe	d9294a46d7f8f4dfd231baea176b40e8	23
Name: uc.exe MD5: d9294a46d7f8f4dfd231baea176b40e8 Size: 167.93 KB (167936 bytes) Detections: 23 Type: Executable File Path: %PROGRAMFILES%\ttt Group: Malware file Last Updated: May 10, 2017
10.	ic-0.d85772ad769918.exe	f88188eca355bbf9f3b9cb7258c27321	13
Name: ic-0.d85772ad769918.exe MD5: f88188eca355bbf9f3b9cb7258c27321 Size: 1.52 MB (1522395 bytes) Detections: 13 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\691224\ic-0.d85772ad769918.exe Group: Malware file Last Updated: April 28, 2022
11.	Bind.exe.vir	b1c81e36d4249155ebd5094b711911f6	13
Name: Bind.exe.vir MD5: b1c81e36d4249155ebd5094b711911f6 Size: 53.24 KB (53248 bytes) Detections: 13 Path: C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\badu\Bind.exe.vir Group: Malware file Last Updated: June 1, 2022
12.	app.exe	e54fe8e1e0765e9f3ebfd3f31f9400b6	11
Name: app.exe MD5: e54fe8e1e0765e9f3ebfd3f31f9400b6 Size: 167.93 KB (167936 bytes) Detections: 11 Type: Executable File Path: %PROGRAMFILES%\Tencent Group: Malware file Last Updated: November 19, 2016
13.	Bind.exe	d0b7db7b5da999f1db484183641ab1a7	10
Name: Bind.exe MD5: d0b7db7b5da999f1db484183641ab1a7 Size: 49.15 KB (49152 bytes) Detections: 10 Type: Executable File Path: C:\Program Files (x86)\ttt\Bind.exe Group: Malware file Last Updated: August 9, 2022
14.	set.exe	d61df9afbe5bd98353f6dc8e0de97cba	9
Name: set.exe MD5: d61df9afbe5bd98353f6dc8e0de97cba Size: 1.42 MB (1422492 bytes) Detections: 9 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\set.exe Group: Malware file Last Updated: April 28, 2022
15.	05a00036.exe	7537bdb75319d39c01cbf4455a192a07	8
Name: 05a00036.exe MD5: 7537bdb75319d39c01cbf4455a192a07 Size: 1.44 MB (1447936 bytes) Detections: 8 Type: Executable File Path: %TEMP%\1099061 Group: Malware file Last Updated: May 21, 2016
16.	qq.exe	ba118cfc691b67f1a1db70fcb7de2418	5
Name: qq.exe MD5: ba118cfc691b67f1a1db70fcb7de2418 Size: 745.47 KB (745472 bytes) Detections: 5 Type: Executable File Path: %PROGRAMFILES%\badu Group: Malware file Last Updated: July 27, 2016
17.	pptyj.exe	8aa5dd8021733a85446fa56cf94e8cb3	4
Name: pptyj.exe MD5: 8aa5dd8021733a85446fa56cf94e8cb3 Size: 1.34 MB (1349865 bytes) Detections: 4 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 25, 2019
18.	2.exe	a887d9c2a1d8eb213005bc8e3a5b6773	4
Name: 2.exe MD5: a887d9c2a1d8eb213005bc8e3a5b6773 Size: 3.67 MB (3675648 bytes) Detections: 4 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: May 19, 2016
19.	HideTarget.exe	a70dd0ca8dbc7759daf3aafd839c082f	2
Name: HideTarget.exe MD5: a70dd0ca8dbc7759daf3aafd839c082f Size: 342.05 KB (342056 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\HideTarget Group: Malware file Last Updated: April 2, 2016
20.	sys.exe	91de7d9d2d49a3d6ad581f2903bdbe70	2
Name: sys.exe MD5: 91de7d9d2d49a3d6ad581f2903bdbe70 Size: 462.84 KB (462848 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\badu Group: Malware file Last Updated: April 2, 2016
21.	baidu.exe	1de5d2678c1b361890329e4da0a85a63	1
Name: baidu.exe MD5: 1de5d2678c1b361890329e4da0a85a63 Size: 389.76 KB (389768 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\HideTarget Group: Malware file Last Updated: April 2, 2016
22.	393a7f2caefb9071546693d4e78bdf840923f70889d9f0ede8e7f1e5c377e960.exe	6d073fb0abaeedfed6d31049bfba3ebf	0
Name: 393a7f2caefb9071546693d4e78bdf840923f70889d9f0ede8e7f1e5c377e960.exe MD5: 6d073fb0abaeedfed6d31049bfba3ebf Size: 123.39 KB (123392 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016
23.	5901f8c62f6ce9f42f79f899a2e8be1eece15fb0df9bc4d0ba58bc7fbcca4a22.exe	27da984923d6698ca28f18b7e9ea5728	0
Name: 5901f8c62f6ce9f42f79f899a2e8be1eece15fb0df9bc4d0ba58bc7fbcca4a22.exe MD5: 27da984923d6698ca28f18b7e9ea5728 Size: 147.45 KB (147456 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016
24.	6c3fc793981c6b4afa8613597a652ea727cc31c871a74d0962ab48299ea195f7.exe	04191b30efb1ad99ce746d8b81709d1d	0
Name: 6c3fc793981c6b4afa8613597a652ea727cc31c871a74d0962ab48299ea195f7.exe MD5: 04191b30efb1ad99ce746d8b81709d1d Size: 28.67 KB (28672 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016
25.	bbc7c97e8189ee6b1c55dcc8b37ae06c8701114ffc714aaa7bf4de8e62a2433b.exe	2881f976bcb31f327e509be50186f9b6	0
Name: bbc7c97e8189ee6b1c55dcc8b37ae06c8701114ffc714aaa7bf4de8e62a2433b.exe MD5: 2881f976bcb31f327e509be50186f9b6 Size: 327.68 KB (327680 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016
26.	c6fef57eecfe19b840c6e60d1a7e12762d621217eb80856ea2416c1e57437a8e.exe	1d9a9126147f06d79416b8a64341b992	0
Name: c6fef57eecfe19b840c6e60d1a7e12762d621217eb80856ea2416c1e57437a8e.exe MD5: 1d9a9126147f06d79416b8a64341b992 Size: 143.36 KB (143360 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016
27.	ce9e33416bb62d430d313a3ef1271ab9abfd52fd6fd4840629a92d7f79496360.exe	3752210d3472d9420447ed9a0eaadbb9	0
Name: ce9e33416bb62d430d313a3ef1271ab9abfd52fd6fd4840629a92d7f79496360.exe MD5: 3752210d3472d9420447ed9a0eaadbb9 Size: 28.67 KB (28672 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 8, 2016

More files

Registry Details

Trojan: Win32/Hidebaid.B may create the following registry entry or registry entries:

Regexp file mask

%PROGRAMFILES%\Badu\sys.exe

%PROGRAMFILES%\Badu\uc.exe

%PROGRAMFILES%\Baidu\BindEx.exe

%PROGRAMFILES%\eee\Bind.exe

%PROGRAMFILES%\eee\uc.exe

%PROGRAMFILES%\hhh\uc.exe

%PROGRAMFILES%\lll\bind.exe

%PROGRAMFILES%\rfv\uc.exe

%PROGRAMFILES%\ttt\Bind.exe

%PROGRAMFILES%\xxx\uc.exe

%PROGRAMFILES(x86)%\Badu\uc.exe

%PROGRAMFILES(x86)%\Baidu\BindEx.exe

%PROGRAMFILES(x86)%\eee\Bind.exe

%PROGRAMFILES(x86)%\eee\uc.exe

%PROGRAMFILES(x86)%\hhh\uc.exe

%PROGRAMFILES(x86)%\lll\bind.exe

%PROGRAMFILES(x86)%\lll\uc.exe

%PROGRAMFILES(x86)%\rfv\uc.exe

%PROGRAMFILES(x86)%\Tencent\app.exe

%PROGRAMFILES(x86)%\ttt\Bind.exe

%PROGRAMFILES(x86)%\ttt\uc.exe

%PROGRAMFILES(x86)%\xxx\uc.exe

%TEMP%\pps-qq-19.exe

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

{B91BE9AB-DFAD-4406-8AC1-0F6D896D40CD}_is1

Directories

Trojan: Win32/Hidebaid.B may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\wanttoxiamen

%APPDATA%\et\21

%APPDATA%\et\445

%PROGRAMFILES%\sbqh

%PROGRAMFILES%\sss

%PROGRAMFILES%\surranderu

%PROGRAMFILES%\wanttoxiamen

%PROGRAMFILES%\wanttoxiameng

%PROGRAMFILES(x86)%\sbqh

%PROGRAMFILES(x86)%\sss

%PROGRAMFILES(x86)%\surranderu

%PROGRAMFILES(x86)%\wanttoxiamen

%PROGRAMFILES(x86)%\wanttoxiameng

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan: Win32/Hidebaid.B

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan: Win32/Hidebaid.B

File System Details

Registry Details

Directories

Submit Comment

Trending

Alsolongneb.live

Businesslistingsearch.net

Coupini Ads

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

How to Fix 'macOS cannot verify that this app is...