Sticky Keys
Sticky keys backdoor.
Replace the originali sethc.exe with a cmd.exe and rename it. You may need to change sethc.exe owner to yourself first as TrustedIntaller may be giving you a hard time:
Hit shift 5 times while on the logon screen to invoke the backdoor:
If you notice sethc.exe spawning well known windows processes, you may want to investigate the endpoint further:
Last modified 4yr ago