Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win10v2004-20240802-en
General
-
Target
Backdoor.Win32.Padodor.SK.MTB-4e43d404005df45bd6a8cc8d9e6c743ee8bb612740a74f66ff133e8d8ed771b5N
-
Size
80KB
-
MD5
e32c7e642aac26a9f7c650a22241e2e0
-
SHA1
be31fa284f646317f59b7ca292dd2ee76e899f2f
-
SHA256
4e43d404005df45bd6a8cc8d9e6c743ee8bb612740a74f66ff133e8d8ed771b5
-
SHA512
c46f5c8d70387b12011db1e4415aea37d3f9470057ac0736b8281eec69335848ffe72d64381c7a8f7aeb4bc0b262fe621e7197336bd575cf9d61a12377a44ec7
-
SSDEEP
1536:IQoVmgQorsgdU9rlQbIGAJ47taIhOHmBhCt/P6RQBR/RgpMujAYC+O+Y:I3mSESUep8GhCt/P6eBVqLAYC+O+Y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Backdoor.Win32.Padodor.SK.MTB-4e43d404005df45bd6a8cc8d9e6c743ee8bb612740a74f66ff133e8d8ed771b5N
Files
-
Backdoor.Win32.Padodor.SK.MTB-4e43d404005df45bd6a8cc8d9e6c743ee8bb612740a74f66ff133e8d8ed771b5N.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 122KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ajelhf Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ