Skip to content
MalwareWiki

Malware

Rovnix

aka Mayachok · Cidox · BkLoader

Rovnix is a bootkit and consists of a driver loader (in the VBR) and the drivers (32bit, 64bit) themselves.

Rovnix is a bootkit and consists of a driver loader (in the VBR) and the drivers (32bit, 64bit) themselves. It is part of the Carberp source code leak (https://github.com/nyx0/Rovnix). Rovnix has been used to protect Gozi ISFB, ReactorBot and Rerdom (at least).

Family metadata imported from Malpedia (Fraunhofer FKIE).