General
-
Target
Backdoor.Win32.Padodor.SK.MTB-2b4b0563aea01cb9c00f677435423fa37262ce9d80246b715b5171a028083635N
-
Size
71KB
-
Sample
240916-m2bzeatenn
-
MD5
73d948e5704832a2cadd3a385507f0f0
-
SHA1
48fdb222c1d10b76fe93c8b69cafdf87f98825f6
-
SHA256
2b4b0563aea01cb9c00f677435423fa37262ce9d80246b715b5171a028083635
-
SHA512
0254a3505818724064e6a7cf9994bce922282b04cd8ce0f18e9c20764d8ade6efb7a9e9c44a65fb6b019d52bbc5cef88c0094e6f676a29ddfc5028e7c166c226
-
SSDEEP
1536:+Ahon8W0HEEUh+4SK6sIQZgkQkYeTndmRQPK1P+ATT:glPh4aIVkkkndmeCP+A3
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Target
Backdoor.Win32.Padodor.SK.MTB-2b4b0563aea01cb9c00f677435423fa37262ce9d80246b715b5171a028083635N
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-