HDRoot

Description

(Kaspersky) The program parameters are quite self-explanatory – this tool installs a bootkit that infects the operating system during the boot stage with an arbitrary backdoor specified as a parameter. The backdoor has to be a Win32 executable or dynamic link library.

This utility is called “HDD Rootkit”; hence the base of our verdict names HDRoot. On 22 August 2006 the version number was 1.2.

Names

Name
HDRoot
HDD Rootkit

Type

Backdoor
Rootkit

Information

https://securelist.com/i-am-hdroot-part-1/72275/
https://securelist.com/analysis/publications/72356/i-am-hdroot-part-2/
http://williamshowalter.com/a-universal-windows-bootkit/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.hdroot

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:hdroot

Other Information

Uuid

e4011e0b-4d30-47ab-999a-2859bd0302ef

Last Card Change

2021-04-24

Threat Intelligence Garden

Explorer

HDRoot

HDRoot

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks