Backdoor:Win32/Padodor.SK!MTB removal guide

Backdoor:Win32/Padodor.SK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Padodor.SK!MTB virus do?

  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Backdoor:Win32/Padodor.SK!MTB?

File Info:

name: EFDF8F550D4F347C1A57.mlw
path: /opt/CAPEv2/storage/binaries/4d633f68734a0763756ebda4b867527c2403c8b013718fe8084da26cd8f3bbfd
crc32: A3FC508A
md5: efdf8f550d4f347c1a57f62d04dc5e89
sha1: 1a9738e6be27f484340f3527a3ebc615717a887b
sha256: 4d633f68734a0763756ebda4b867527c2403c8b013718fe8084da26cd8f3bbfd
sha512: 6700706c89f947ceadf92ef0a79bcfb34bb04bd0779c5fe6d7bd597bc612eb7f6b6c6eac6578406b9e8c6bcff63f0cf9d8d84654bda7760a1570e597ed2a36fe
ssdeep: 1536:zzpILrwjz93c2sz3Kb3lPusgQUmZn1qqNCeccL5H+sRQ4cDRkRLJzeLD9N0iQGR4:zWkZseTlP5fsqN/cIve4ASJdEN0s4WEd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E4935BDB65841E62CC8022B0275EE5D662C597F947138DEC18B84D2D23B6E18AC7FF8D
sha3_384: 179da20cb1dc7d110fbaf5cd9da819b07de3af9821db12b9bcebca2137218ea3376e7e3b3321fc91b68085c1eda751f3
ep_bytes: 90909090b800104000bbd0c740009090
timestamp: 2017-10-15 03:39:59

Version Info:

0: [No Data]

Backdoor:Win32/Padodor.SK!MTB also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Trojan.ShellObject.f8W@aeOesjp
ClamAV: Win.Trojan.Qukart-10012701-0
Skyhigh: BehavesLike.Win32.Generic.nc
McAfee: GenericRXHD-SL!A4611E85B277
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Trojan.ShellObject.f8W@aeOesjp
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
CrowdStrike: win/malicious_confidence_100% (D)
Arcabit: Trojan.ShellObject.E8EEEC
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Padodor.NAM
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.Padodor.gen
BitDefender: Gen:Trojan.ShellObject.f8W@aeOesjp
NANO-Antivirus: Trojan.Win32.Padodor.fgnbxp
Avast: Win32:BackdoorX-gen [Trj]
Tencent: Backdoor.Win32.Padodor.kg
Emsisoft: Gen:Trojan.ShellObject.f8W@aeOesjp (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen
DrWeb: BackDoor.HangUp.5
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.efdf8f550d4f347c
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor.Padodor.ewpp
Google: Detected
Avira: TR/Crypt.ZPACK.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.1000
Microsoft: Backdoor:Win32/Padodor.SK!MTB
ZoneAlarm: Backdoor.Win32.Padodor.gen
GData: Gen:Trojan.ShellObject.f8W@aeOesjp
Varist: W32/Pahador.QLFO-8537
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
BitDefenderTheta: AI:Packer.2ABBEDA021
ALYac: Gen:Trojan.ShellObject.f8W@aeOesjp
TACHYON: Backdoor/W32.Padodor
VBA32: Backdoor.Padodor
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Backdoor.Berbew!1.AF13 (CLASSIC)
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.FBNK!tr
AVG: Win32:BackdoorX-gen [Trj]
Cybereason: malicious.6be27f
DeepInstinct: MALICIOUS

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
