General
-
Target
Backdoor.Win32.Padodor.SK.MTB-28fdb0e00f1f7bb50f00abf66ce5c27f4c0471779d1f6d5ca526c148b87e3afdN
-
Size
92KB
-
Sample
240916-m43j5stfpp
-
MD5
80765c98ec3216354f5fd1776b290950
-
SHA1
81a418f1ebb8bcec07b428e4b40532a32c1d2e36
-
SHA256
28fdb0e00f1f7bb50f00abf66ce5c27f4c0471779d1f6d5ca526c148b87e3afd
-
SHA512
8cd8a607ed10b08e29b581ad1d6f354a9a522ec30ff054e5a2e05168f18b995b1beafb1b11d8df30b4b2d75c2caf9a217133ad7d8023bc1a6364b2bfbf4b4969
-
SSDEEP
1536:akiXrbKLkkD3MsBeVFaD1cve+GrI7erkYkjjPtxOtDnKQrUoR24HsUs:1iXn7sBS6HfrjkvO46THsR
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-