General
Target: Backdoor.Win32.Padodor.SK.MTB-c52d222c87122cb94898d517e1cf2e4ece8166b65868416647fb1e376f0b0948N
Size: 72KB
Sample: 240916-tbpk5swemm
MD5: 26f7483777c2336dcf474a4455366dd0
SHA1: 1173670d17824bbe85f47cbb17d1960df695c92a
SHA256: c52d222c87122cb94898d517e1cf2e4ece8166b65868416647fb1e376f0b0948
SHA512: 2c90d23a3d3a41ab5f8f36192a93cc4d30c94fc2f8c4252a4c177b17b65e3cf77875cd8a4bdbf8781429e78893ab776bc2a6eb516d334eee66fd1fbc9d78174d
SSDEEP: 1536:hKnngR/14sDjHLOhkASuiKAdKPAJKE1kTRQaDbEyRCRRRoR4Rk4:hk8GsD/OhLSfhdUAzie0Ey032ya4
Static task: static1
Behavioral task: behavioral1
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
Backdoor.Win32.Padodor.SK.MTB-c52d222c87122cb94898d517e1cf2e4ece8166b65868416647fb1e376f0b0948N
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory