About “Backdoor:Win32/Padodor.SK!MTB” infection

Many security experts consider Backdoor:Win32/Padodor.SK!MTB dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Padodor.SK!MTB virus do?

  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Backdoor:Win32/Padodor.SK!MTB?


File Info:

name: E3C9F6603257F770E8BE.mlw
path: /opt/CAPEv2/storage/binaries/639d58fd6577c2d7b93d647023bd9aca8df9e5f4fe6676e74797a18c24a91825
crc32: 68845B51
md5: e3c9f6603257f770e8beba6132df603d
sha1: 69f19502b904b0801cd613082a3fa88533c3de44
sha256: 639d58fd6577c2d7b93d647023bd9aca8df9e5f4fe6676e74797a18c24a91825
sha512: 2ffa5dd02437bc11c97206a9e66703fb529b582b7e941991ecd6f0eeb67b7cee37a2c3d06fe6b9d6a34e60226cc39cd582ecd3adfe54d8e3a62321c23d4f17ba
ssdeep: 3072:4exVaMeV4DJor1yFmjE8fo3PXl9Z7S/yCsKh2EzZA/z:4kUMeV4d81emjEgo35e/yCthvUz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6B36D1BA64A2FB2CB4103F11D16D9C7796E54EF0FBEF6A1C818F00A36179BA8367154
sha3_384: bb4fb1cdc99cbd413587167b9370aaf69a433780796b4b451f64fd37987517f7e7f4ed46f390a000bb04c9589cc4cdfe
ep_bytes: 90909090b8001040009090bb38de4000
timestamp: 1980-09-26 05:39:38

Version Info:

0: [No Data]

Backdoor:Win32/Padodor.SK!MTB also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
DrWeb: BackDoor.Wdozer
MicroWorld-eScan: Generic.Dacic.AB13442E.A.B2C63644
FireEye: Generic.mg.e3c9f6603257f770
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: GenericRXAA-AA!E3C9F6603257
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.2b904b
Arcabit: Generic.Dacic.AB13442E.A.B2C63644
BitDefenderTheta: AI:Packer.9F7E7E0821
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Padodor.AB
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Barys-10002063-0
Kaspersky: Backdoor.Win32.Padodor.gen
BitDefender: Generic.Dacic.AB13442E.A.B2C63644
NANO-Antivirus: Trojan.Win32.Padodor.iuspgg
Avast: Win32:Padodor-V [Trj]
Tencent: Backdoor.Win32.Padodor.kp
TACHYON: Backdoor/W32.Padodor
Emsisoft: Generic.Dacic.AB13442E.A.B2C63644 (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen2
VIPRE: Generic.Dacic.AB13442E.A.B2C63644
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Padodor
Jiangmin: Backdoor.Padodor.eyki
Varist: W32/Backdoor.DKIC-2994
Avira: TR/Crypt.ZPACK.Gen2
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.1000
Microsoft: Backdoor:Win32/Padodor.SK!MTB
ZoneAlarm: Backdoor.Win32.Padodor.gen
GData: Generic.Dacic.AB13442E.A.B2C63644
Google: Detected
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
VBA32: Backdoor.Padodor
ALYac: Generic.Dacic.AB13442E.A.B2C63644
MAX: malware (ai score=89)
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Backdoor.Padodor!8.118 (TFE:5:sru23FZbUHP)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.B077!tr
AVG: Win32:Padodor-V [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
