Backdoor:Win32/Padodor.SK!MTB information

Backdoor:Win32/Padodor.SK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Padodor.SK!MTB virus do?

  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor:Win32/Padodor.SK!MTB?


File Info:

name: 093889001DE44FB9D5E5.mlw
path: /opt/CAPEv2/storage/binaries/e63277af3fe355299bd5bd63183b26256f1f668b05e985bcb18582ef02547153
crc32: 7F12B2D9
md5: 093889001de44fb9d5e52e0adf22fe82
sha1: ba5ace9d26c8abd620d165db45ced8113fbac882
sha256: e63277af3fe355299bd5bd63183b26256f1f668b05e985bcb18582ef02547153
sha512: 030ef3a5b17c5768df31352c210ddff751fd513c6aaf6be64a3f2d9647d2307e14019d1cd0150a793c0d74e5beb33272ddeef308f138a7c1e7254e7e6b5be3ff
ssdeep: 1536:r4fA2NSrjnBoJ8pBHShoe+i5RZKidFUQ/maCTfCnx/RVkeyyVr3iwcHf:r4fAcWjYMByhoeNZX/uCZ3kremwc/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T166938D57F1441FA2DEC507F638CE7CA8BE4ACCAC0B3A8562B84891AC1557BE7981DDC1
sha3_384: cff42911db17face89991baba3ffaa5ac75fd75e373c674483d492d7d78f030b9b9dfe31e60d9e5c3279898dc2945144
ep_bytes: 90909090906090b80010400090bb38de
timestamp: 1977-12-31 05:39:38

Version Info:

0: [No Data]

Backdoor:Win32/Padodor.SK!MTB also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Padodor.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKDZ.103285
Skyhigh: BehavesLike.Win32.Generic.nc
ALYac: Trojan.GenericKDZ.103285
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Trojan.GenericKDZ.103285
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
BitDefender: Trojan.GenericKDZ.103285
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.d26c8a
Arcabit: Trojan.Generic.D19375
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Padodor.AB
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.Padodor.gen
Alibaba: Backdoor:Win32/Padodor.35a1b475
NANO-Antivirus: Trojan.Win32.Padodor.jzmyor
Avast: Win32:Padodor-V [Trj]
Rising: Backdoor.Berbew!8.115 (TFE:3:yjpwxPFSOXH)
TACHYON: Backdoor/W32.Padodor
Emsisoft: Trojan.GenericKDZ.103285 (B)
F-Secure: Backdoor.BDS/Padodor.vifec
DrWeb: BackDoor.Wdozer
Zillya: Trojan.QukartGen.Win32.2
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.093889001de44fb9
Sophos: Mal/Padodor-A
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor.Padodor.dwog
Google: Detected
Avira: BDS/Padodor.vifec
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.1000
Microsoft: Backdoor:Win32/Padodor.SK!MTB
ZoneAlarm: Backdoor.Win32.Padodor.gen
GData: Trojan.GenericKDZ.103285
Varist: W32/Backdoor.DKIC-2994
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
McAfee: Trojan-FVOJ!093889001DE4
MAX: malware (ai score=87)
VBA32: Backdoor.Padodor
Cylance: unsafe
Panda: Trj/Genetic.gen
Tencent: Backdoor.Win32.Padodor.kp
Ikarus: Backdoor.Win32.Padodor
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.BJQV!tr
BitDefenderTheta: AI:Packer.9D4EBA1221
AVG: Win32:Padodor-V [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
