Backdoor:Win32/Padodor.SK!MTB information

Backdoor:Win32/Padodor.SK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you perform a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Backdoor:Win32/Padodor.SK!MTB virus do?

  • Sample contains overlay data
  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Backdoor:Win32/Padodor.SK!MTB?

File Info:

name: 8ADFA53B8D3B6F209F04.mlw
path: /opt/CAPEv2/storage/binaries/a48e522d35292fcbcaf6751704a7307968f1d9b0a12a4ba606a74606e55554e4
crc32: EA46F0AB
md5: 8adfa53b8d3b6f209f0404b01e319c1c
sha1: 6a7f293cd31da7377abc8c2ee9147a74891271f0
sha256: a48e522d35292fcbcaf6751704a7307968f1d9b0a12a4ba606a74606e55554e4
sha512: 0e2a697db4cb7c07e673cdbba25fb93371acdfe12d03735893d6e8bf764f326368795bb0a8b25128e9aae1d92a6dad2d188975e1fb3ab4bc173790d39c9e35c2
ssdeep: 6144:RlrxQw90Q7RNCneHPk9C81NByvZ6Mxv5Rar3O6B9fZSLhZmzbBy9:HiwiQ7RN5s9C8HByvNv54B9f01ZmHBy9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T193447B9732DA1E7DDF940EBC616E6018602CD065FF29EDBD8385D219BDE69CCC269C80
sha3_384: 08244159f108d28b3e4f2b4ea5c4a41c6a0786cfd009f4ed865eb90f7938d3362cb7d50a86c280575a7bac2e819b09d6
ep_bytes: 909090b80010400090bbd0c7400090b9
timestamp: 2023-04-07 03:39:59

Version Info:

0: [No Data]

Backdoor:Win32/Padodor.SK!MTB also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
Cynet: Malicious (score: 100)
CAT-QuickHeal: Worm.Dorkbot.A
Skyhigh: BehavesLike.Win32.Generic.dc
McAfee: Generic Malware.bj
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
CrowdStrike: win/malicious_confidence_100% (D)
Arcabit: GenPack:Trojan.Agent.DQQO
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Padodor.NAM
APEX: Malicious
ClamAV: Win.Malware.Padodor-6840301-0
Kaspersky: Backdoor.Win32.Padodor.gen
BitDefender: GenPack:Trojan.Agent.DQQO
NANO-Antivirus: Trojan.Win32.Padodor.foufls
MicroWorld-eScan: GenPack:Trojan.Agent.DQQO
Avast: Win32:BackdoorX-gen [Trj]
Tencent: Backdoor.Win32.Padodor.kp
TACHYON: Backdoor/W32.Padodor
Sophos: ML/PE-A
F-Secure: Trojan.TR/Crypt.XDR.Gen
DrWeb: BackDoor.HangUp.5
VIPRE: GenPack:Trojan.Agent.DQQO
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.8adfa53b8d3b6f20
Emsisoft: GenPack:Trojan.Agent.DQQO (B)
Ikarus: Backdoor.Win32.Padodor
Jiangmin: Backdoor.Padodor.evyf
Google: Detected
Avira: TR/Crypt.XDR.Gen
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Microsoft: Backdoor:Win32/Padodor.SK!MTB
ZoneAlarm: Backdoor.Win32.Padodor.gen
GData: GenPack:Trojan.Agent.DQQO
Varist: W32/Pahador.QLFO-8537
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
BitDefenderTheta: AI:Packer.8B9E6A881D
ALYac: GenPack:Trojan.Agent.DQQO
MAX: malware (ai score=87)
VBA32: Backdoor.Padodor
Malwarebytes: Padodor.Backdoor.Bot.DDS
Panda: Trj/Genetic.gen
Rising: Backdoor.Berbew!1.AF13 (CLASSIC)
Yandex: Backdoor.Padodor.AF
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Qukart.BE88!tr.spy
AVG: Win32:BackdoorX-gen [Trj]
Cybereason: malicious.cd31da
DeepInstinct: MALICIOUS

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.