bytecode77 / r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
https://bytecode77.com/r77-rootkit
BSD 2-Clause "Simplified" License

I want to hide the EXE with the specified name. Where should I edit? #27

Closed 1756816846 closed 2 years ago

1756816846 commented 2 years ago

Can you edit a configuration for me? exename=calc.exe

1756816846 commented 2 years ago

I added the registry and it has been successful. But you can't use uninstall.exe display file

1756816846 commented 2 years ago

It's OK. I forgot something

bytecode77 commented 2 years ago

The documentation is always a good starter, section 2.7 Configuration System in particular.

ConstantLearner121 commented 3 months ago

I added the registry and it has been successful. But you can't use uninstall.exe displa

Did you use: reg add "HKLM\SOFTWARE\$77config\process_names" /v ExecutablePath /t REG_SZ /d "C:\Program Files\Calc\calc.exe" /f ?