bytecode77 / r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
https://bytecode77.com/r77-rootkit
BSD 2-Clause "Simplified" License

how to hide a process using a command line? #32

Closed rednas0812 closed 2 years ago

rednas0812 commented 2 years ago

example:

r77rootkit.exe -hide 'processID' or 'process name'

bytecode77 commented 2 years ago
  1. You need to first install the rootkit. For this, just execute Install.exe.
  2. Wait about 500 ms until the registry key $77config has been created by the rootkit.
  3. Write the PID or process name to HKEY_LOCAL_MACHINE\SOFTWARE\$77config

This is explained in more detail in the documentation.

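For defenders, the registry location named in the answer above is a usable indicator. The following is an added example, not part of the thread and not code from the r77 project: it scans the text of a registry export for `HKEY_LOCAL_MACHINE\SOFTWARE\$77config` and reports the key, its subkeys, and their values. The sample export, the subkey name, and the value name are constructed placeholders.

```python
import re

# Registry key named in the thread above. Key names are case-insensitive.
R77_CONFIG_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\$77config"
_VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')

def decode_export(raw: bytes) -> str:
    """regedit 5.00 exports are UTF-16LE with a BOM; otherwise treat as UTF-8 text."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    return raw.decode("utf-8", errors="replace")

def parse_data(data: str):
    """Decode dword and string data; leave other types (hex:, hex(7):) as raw text."""
    if data.startswith("dword:"):
        return int(data[6:], 16)
    if len(data) >= 2 and data[0] == data[-1] == '"':
        return re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \" escaping
    return data

def find_r77_config(export_text: str) -> dict:
    """Return {key_path: {value_name: data}} for the config key and all its subkeys."""
    findings, current = {}, None
    prefix = R77_CONFIG_KEY.lower()
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            in_scope = key.lower() == prefix or key.lower().startswith(prefix + "\\")
            current = findings.setdefault(key, {}) if in_scope else None
        elif current is not None and (m := _VALUE_RE.match(line)):
            name = "(Default)" if m.group(1) is None else m.group(1)
            current[name] = parse_data(m.group(2))
    return findings

# Constructed sample export (not captured from a real host); the subkey and
# value names are placeholders, not names taken from the r77 documentation.
SAMPLE_EXPORT = b"\xff\xfe" + "\r\n".join([
    "Windows Registry Editor Version 5.00", "",
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]",
    r'"InstallDir"="C:\\Program Files\\Example"', "",
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\$77config]", "",
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\$77config\placeholder_subkey]",
    '"constructed_value"=dword:000004d2', "",
]).encode("utf-16-le")

if __name__ == "__main__":
    for key, values in find_r77_config(decode_export(SAMPLE_EXPORT)).items():
        print(key, values)
```

Because a user-mode rootkit can filter what tools running on the affected host see, feed this an export produced from an offline copy of the SOFTWARE hive or another trusted view rather than from the live system.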

rednas0812 commented 2 years ago

Okay, thank you!