
Trojan: Win32/Hidebaid.B

Posted: March 7, 2016

Threat Metric

Ranking: 14,702
Threat Level: 8/10
Infected PCs: 79,053
First Seen: March 7, 2016
Last Seen: March 4, 2025
OS(es) Affected: Windows

Trojan: Win32/Hidebaid.B is an advanced threat that may exploit various system vulnerabilities to enter a system undetected. It may open backdoors on infected machines and connect them to remote hosts that act as Command and Control (C&C) servers. The hackers behind these attacks may use these hosts to send their instructions to the threat. They may use Trojan: Win32/Hidebaid.B to collect valuable files or obtain essential account credentials such as the usernames and passwords for your bank accounts.

If Trojan: Win32/Hidebaid.B reaches your PC, it may degrade performance significantly because of the incoming and outgoing Internet traffic. Apart from a possibly slower machine, you may not notice many other clues unless you search for the specific files and folders that it creates. This backdoor Trojan works in the background to prevent you from taking the proper measures in time. The consequences of an infection with this complex threat may be detrimental, so it is advisable to do everything possible to keep Trojan: Win32/Hidebaid.B from reaching your PC in the first place.

Trojan: Win32/Hidebaid.B spreads mainly as a corrupted email attachment. It may appear to be an invoice, a text file, a .pdf presentation, etc. If the sender of the message is unfamiliar to you, you should never open any attached files. Trojan: Win32/Hidebaid.B may also reach your system if you connect compromised USB drives or download fake software updates.

Trojan: Win32/Hidebaid.B may change an array of settings to remain hidden and functioning at all times. It may modify the Windows Registry to create an Autorun file. It may also turn off automatic updates or disable the Windows Firewall to prevent detection. Once all preparatory actions are completed, Trojan: Win32/Hidebaid.B may initiate the connection to the remote hosts, which puts all of your information at risk. To prevent the significant issues that may follow, you should install credible security software that can delete Trojan: Win32/Hidebaid.B efficiently.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:




Registry Modifications

The following Registry values were newly produced:

Regexp file mask
%PROGRAMFILES%\Badu\sys.exe
%PROGRAMFILES%\Badu\uc.exe
%PROGRAMFILES%\Baidu\BindEx.exe
%PROGRAMFILES%\eee\Bind.exe
%PROGRAMFILES%\eee\uc.exe
%PROGRAMFILES%\hhh\uc.exe
%PROGRAMFILES%\lll\bind.exe
%PROGRAMFILES%\rfv\uc.exe
%PROGRAMFILES%\ttt\Bind.exe
%PROGRAMFILES%\xxx\uc.exe
%PROGRAMFILES(x86)%\Badu\uc.exe
%PROGRAMFILES(x86)%\Baidu\BindEx.exe
%PROGRAMFILES(x86)%\eee\Bind.exe
%PROGRAMFILES(x86)%\eee\uc.exe
%PROGRAMFILES(x86)%\hhh\uc.exe
%PROGRAMFILES(x86)%\lll\bind.exe
%PROGRAMFILES(x86)%\lll\uc.exe
%PROGRAMFILES(x86)%\rfv\uc.exe
%PROGRAMFILES(x86)%\Tencent\app.exe
%PROGRAMFILES(x86)%\ttt\Bind.exe
%PROGRAMFILES(x86)%\ttt\uc.exe
%PROGRAMFILES(x86)%\xxx\uc.exe
%TEMP%\pps-qq-19.exe
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}{B91BE9AB-DFAD-4406-8AC1-0F6D896D40CD}_is1

Additional Information

The following directories were created:
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\wanttoxiamen
%APPDATA%\et\21
%APPDATA%\et\445
%PROGRAMFILES%\sbqh
%PROGRAMFILES%\sss
%PROGRAMFILES%\surranderu
%PROGRAMFILES%\wanttoxiamen
%PROGRAMFILES%\wanttoxiameng
%PROGRAMFILES(x86)%\sbqh
%PROGRAMFILES(x86)%\sss
%PROGRAMFILES(x86)%\surranderu
%PROGRAMFILES(x86)%\wanttoxiamen
%PROGRAMFILES(x86)%\wanttoxiameng