Backdoor[.]Win32[.]Padodor[.]SK[.]MTB-82e343955114fc334045312ea4d2c0e53f0339f5ec2e3836c48771b3f4e3e899N

Sharing

Copy URL Twitter E-mail

General

Target

Backdoor.Win32.Padodor.SK.MTB-82e343955114fc334045312ea4d2c0e53f0339f5ec2e3836c48771b3f4e3e899N
Size

366KB
MD5

fde6cba849aad5b19069cfd440383a70
SHA1

4de2e51a1a5a2fa389256d970c392f592184fab2
SHA256

82e343955114fc334045312ea4d2c0e53f0339f5ec2e3836c48771b3f4e3e899
SHA512

1f281b2b630156f95423d60e53a739db012e0d9be892cef63b589cd3741081b75b5003d7e83c5b653f17372b6beb1d547820ee50d9fcd0745b9053469c620a6a
SSDEEP

6144:TNoDAOvx0IP7DLnLcdpui6yYPaIGckjh/xaSfBJKFbhD7sYQpui6yYPaIGckvN4M:TNoDAOHPcdpV6yYPMLnfBJKFbhDwBpV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Backdoor.Win32.Padodor.SK.MTB-82e343955114fc334045312ea4d2c0e53f0339f5ec2e3836c48771b3f4e3e899N

Files

Backdoor.Win32.Padodor.SK.MTB-82e343955114fc334045312ea4d2c0e53f0339f5ec2e3836c48771b3f4e3e899N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajelhf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 45KB - Virtual size: 45KB

.bss Size: - Virtual size: 122KB

.rdata Size: 12KB - Virtual size: 12KB

.idata Size: 4KB - Virtual size: 4KB

.ajelhf Size: 512B - Virtual size: 4KB

.text Size: 8KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 4KB

.text Size: 3KB - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.pdata Size: 1024B - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 12KB

.text
Size: 45KB - Virtual size: 45KB

.bss
Size: - Virtual size: 122KB

.rdata
Size: 12KB - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 4KB

.ajelhf
Size: 512B - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

.pdata
Size: 1024B - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 12KB