Description: Kernel-level backdoor source code. It is injected into Explorer.exe, starts as a service, and restores the SST on its own to counter proactive-defense interception. It uses a kernel driver and provides bindshell backdoor functionality as well as downloader capabilities.
File list (Check if you may need any files):
bin
...\regbd.exe
readme.txt
src
...\BIN2TEXT.EXE
...\DRIVER.C
...\Release
...\apihook.cpp
...\apihook.h
...\backdoor.cpp
...\backdoor.h
...\driver
...\......\MAKEFILE
...\......\SOURCES
...\......\comm.h
...\......\debug.h
...\......\driver.c
...\driver.cpp
...\driver.h
...\driver.sys
...\main.h
...\mkdrv.bat
...\ntdll.h
...\ntdll.lib
...\regbd.cpp
...\regbd.ncb
...\regbd.sln
...\regbd.suo
...\regbd.vcproj
...\sst.cpp
...\sst.h
...\zdisasm.cpp
...\zdisasm.h