General
Target: Backdoor.Win32.Padodor.SK.MTB-b6fd7e63a61face4ccb174f2905bb6c9470b87eb20832a6a1b75494ba4413a96N
Size: 120KB
Sample: 240916-rw3mdssfmg
MD5: de34e7c7711443a8d53f35e9b52bc680
SHA1: a61bf6461ef475b927d9b542c78775b5b8e47e1d
SHA256: b6fd7e63a61face4ccb174f2905bb6c9470b87eb20832a6a1b75494ba4413a96
SHA512: 762143085b3edb4460743c944ee8b6b02726e4c0da171ee0b3ac6a3092045f35d6269e15446e9a3c24e42e016de3ab2a2826e840ca1e6327bfa936b327f320dc
SSDEEP: 3072:KebP4FTfRs8mB9Kxep203H/6TC+qF1SsB1bw4AVRrd9:Kez4k8CYEp9C81NBy9
Behavioral task: behavioral1
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: Backdoor.Win32.Padodor.SK.MTB-b6fd7e63a61face4ccb174f2905bb6c9470b87eb20832a6a1b75494ba4413a96N
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory