General
-
Target
Backdoor.Win32.Padodor.SK.MTB-1c64e284b8ee27e0cd66a9f70b0a1499289e33c203f1b4586aa3e1c5f49f5c86N
-
Size
304KB
-
Sample
240916-rzxkjssgqb
-
MD5
077972fb68ab3245ec0f113e6f9b5130
-
SHA1
595ef2ab71631235214229f72deadbc56b30011c
-
SHA256
1c64e284b8ee27e0cd66a9f70b0a1499289e33c203f1b4586aa3e1c5f49f5c86
-
SHA512
97c7003c967cc14a21ca6db34585b340260c46b3ea376a959503e19df762d01d91bfdd98a8f2ff5fff9fb7762937b5de4f3f55199a986e846d7ca6a5165b63bd
-
SSDEEP
6144:Lx5YNqTBhIhAvFeJLbnCBbC+nVLjOPj194oQAPJiduHyFfeoHiWmVlWaPxqZcNpQ:1SwTBvFeJLbnCN3xjOPj1Gg2uHyFfeo1
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.Padodor.SK.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-