General
Target: Backdoor.Win32.Padodor.SK.MTB-5bc177546d6cef26c60479967ed37928409a7567168717c9eb1a29530cd78eb9N
Size: 89KB
Sample: 240916-tp1kkaxclj
MD5: 389b3607410d9b4c80abe5b54f483970
SHA1: a2c08e4768f0d32728936cdd12d735247cc1b8ab
SHA256: 5bc177546d6cef26c60479967ed37928409a7567168717c9eb1a29530cd78eb9
SHA512: 66c075b964e4fd6c63f96c737427e26176f213944614b9229d74fa14c217421cc79a57b6bdc34caf75e0aa468e46accab826d200bf55598e7faee6103f9cfbb8
SSDEEP: 1536:jFdJzB0Ccib47iHbyLIKq+4P8+1e8aYN+ugtrURQTD68a+VMKKTRVGFtUhQfR1Wy:xdJxciMWHzKqP8+1PYUeSr4MKy3G7UEb
Static task: static1
Behavioral task: behavioral1
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Backdoor.Win32.Padodor.SK.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: Backdoor.Win32.Padodor.SK.MTB-5bc177546d6cef26c60479967ed37928409a7567168717c9eb1a29530cd78eb9N
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory