General
-
Target
Backdoor.Win32.Padodor.SK.MTB-641d8b228f852e75d78dceb058d7671a679599d56b2c3dfdd90f1e3e9b676c31N
-
Size
96KB
-
Sample
240916-mwnq1stbrc
-
MD5
48b1a469e75e27bbf88cbc5349e59520
-
SHA1
50b5af27414a500f69dc5c6d7670d7b40241e2f0
-
SHA256
641d8b228f852e75d78dceb058d7671a679599d56b2c3dfdd90f1e3e9b676c31
-
SHA512
f4aee01a2f5da4d7d75e2beb9457292494279646d6f83ac607e1175d58335af8b22d5c84fc98ae2c51d96978f86f527ab23a14a7cbe3a130c099658efb448e77
-
SSDEEP
1536:3xoc7NwkXPdxGbTZhX7Arc1hWI4u24luVkLYvjwRQ+WbR5R45WtqV9R2R462izMR:3xVNwkXPzGbTZhXErc2T2ejwe+qHrtGD
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Target
Backdoor.Win32.Padodor.SK.MTB-641d8b228f852e75d78dceb058d7671a679599d56b2c3dfdd90f1e3e9b676c31N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-