Inserting Raw SID Into User Group

On a computer that was hacked I have a user who created a raw SID in the
Administrator's group that doesn't appear to correspond to any forest on our
network. Before I retire the machine and rebuilt it, I would like to add
the SID in question to a group that is denied access to any resources on the
computer. But I can't add in raw SID's in the User and Computers AD
administration application. Does anyone know how to put a raw SID into a
group? The hacker knew how to do it, apparently. :)