Backdoor:Win32/Padodor.SK!MTB malicious file

Backdoor:Win32/Padodor.SK!MTB is the Microsoft detection name for a sample that most other engines in the list below classify as the Padodor (also labelled Berbew) backdoor family, and it is widely treated as dangerous. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing malware manually may take hours and may damage your PC in the process. We recommend GridinSoft Anti-Malware for removal; it allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What can Backdoor:Win32/Padodor.SK!MTB do?

The following are the sandbox (CAPE) signatures that fired on the sample described below:

  • Creates an indicator listed under SIG40 in the Territorial Disputes report.
  • The binary likely contains encrypted or compressed data (consistent with the packer-style names such as Crypt.ZPACK and GenKryptik assigned by several engines below).
  • The Authenticode signature is invalid, so the file carries no valid publisher signature.
  • CAPE detected a "get EIP" shellcode technique: the code locates its own address at run time with a call-and-pop sequence, which is visible in the entry-point bytes listed below (call to the next instruction followed by pop eax).
  • Anomalous binary characteristics; note, for example, the compile timestamp of 1980-09-26 in the file info, which predates the PE format and is almost certainly forged.
  • YARA detections observed in process dumps, payloads or dropped files.

How to identify Backdoor:Win32/Padodor.SK!MTB

File Info:

name: 12D47B3C86965FA917AD.mlw
path: /opt/CAPEv2/storage/binaries/dc67abedd7a53c8979e12d074c720c49cb4768cffbcdc992db1f70f3c5bf31d9
crc32: 7CAA286F
md5: 12d47b3c86965fa917ade0b3c67b3418
sha1: a6a67eb667a9b09fbc1a21499c15c0316f3390e9
sha256: dc67abedd7a53c8979e12d074c720c49cb4768cffbcdc992db1f70f3c5bf31d9
sha512: 9df078c009748756122fc14cfdaf9f4785e66f7420587c3b10f22f62e2667c067ae4e466f2320650e584ebf34ee1125a9aa0154e2138b155fe88c80230a5ec6d
ssdeep: 3072:pHV2kK5S5sYimLsJIRtAto0t9qiteb8fo3PXl9Z7S/yCsKh2EzZA/z:F1itebgo35e/yCthvUz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11FB37C4BAB560FB3D6D2037E220780D97B859DF8D2E4C5620914C05D1237EAD9AFAF9C
sha3_384: 3213866cf1d5fc36a246997beb139c32a2b98e3caf31b77503f9b294ca270d573dc0f84ffb7f0c8ada4e2c10d5b5c9ef
ep_bytes: 60909090909067e80000000090905890
timestamp: 1980-09-26 05:39:38

Version Info:

0: [No Data]
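As an added example (this is not code from the original page, from GridinSoft or from CAPE), the script below turns the File Info block into a check you can actually run: it compares a file's md5/sha1/sha256 against the values printed in the report and scans raw x86 code for the call-and-pop "get EIP" idiom that the ep_bytes show (call $+0 at offset 7, pop eax at offset 14). The function names and the indicator dictionary are mine; the hashes and the entry-point bytes are copied verbatim from the report.

```python
# Added triage example for the CAPE report above; not GridinSoft's or CAPE's code.
import hashlib

# Hash indicators copied from the report's File Info section.
PADODOR_SK_IOCS = {
    "md5": "12d47b3c86965fa917ade0b3c67b3418",
    "sha1": "a6a67eb667a9b09fbc1a21499c15c0316f3390e9",
    "sha256": "dc67abedd7a53c8979e12d074c720c49cb4768cffbcdc992db1f70f3c5bf31d9",
}

# Entry-point bytes copied from the report (ep_bytes). Decoded:
#   60              pushad
#   90 x5           nop
#   67 e8 00000000  call $+0   (67h prefix does not change the 4-byte displacement)
#   90 90           nop
#   58              pop eax    <- eax now holds the code's own runtime address
#   90              nop
EP_BYTES_FROM_REPORT = bytes.fromhex("60909090909067e80000000090905890")

# x86 one-byte "pop r32" opcodes 0x58..0x5F, in encoding order.
POP_REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def hash_bytes(data: bytes) -> dict:
    """md5/sha1/sha256 hex digests of an in-memory buffer."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, read in 1 MiB chunks."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def ioc_matches(hashes: dict, iocs: dict = PADODOR_SK_IOCS) -> list:
    """Names of the algorithms whose digest equals the report's indicator.

    A sha256 hit is conclusive. An md5-only hit is still worth a look but is
    weaker evidence, because md5 collisions are practical to construct."""
    return [name for name in ("md5", "sha1", "sha256")
            if hashes.get(name, "").lower() == iocs[name]]


def find_get_eip(code: bytes, max_gap: int = 8):
    """Locate the call-and-pop 'get EIP' idiom in raw x86 code.

    Pattern: E8 00 00 00 00 (call the very next instruction, which pushes that
    instruction's own address as the return address), optionally padded with
    NOPs, then pop r32, which leaves the runtime address in the register.
    Returns (call_offset, pop_offset, register) or None if not present."""
    call_next = b"\xe8\x00\x00\x00\x00"
    start = 0
    while True:
        call_off = code.find(call_next, start)
        if call_off < 0:
            return None
        i = call_off + len(call_next)
        # Skip a short NOP sled between the call and the pop.
        while i < len(code) and i - (call_off + 5) < max_gap and code[i] == 0x90:
            i += 1
        if i < len(code) and 0x58 <= code[i] <= 0x5F:
            return (call_off, i, POP_REGS[code[i] - 0x58])
        start = call_off + 1  # a call $+0 without a pop; keep looking


def triage(data: bytes) -> dict:
    """Run both checks over a buffer (for a whole file, pass its contents)."""
    hashes = hash_bytes(data)
    return {
        "hashes": hashes,
        "ioc_hits": ioc_matches(hashes),
        "get_eip": find_get_eip(data),
    }


if __name__ == "__main__":
    # Demonstrate on the report's own entry-point bytes.
    print(triage(EP_BYTES_FROM_REPORT))
```

Scanning a whole file for the pattern is deliberately coarse: it catches the idiom wherever it sits, not only at the entry point, at the cost of occasional false positives in data regions, which is acceptable for triage but not for a blocking rule. For a confirmed match, the sha256 comparison against the report value is the decisive check.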

Backdoor:Win32/Padodor.SK!MTB also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Trojan.ShellObject.g8W@aG4fkNb
FireEye: Generic.mg.12d47b3c86965fa9
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: Trojan-FVOK!12D47B3C8696
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Trojan.ShellObject.g8W@aG4fkNb
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.c86965
VirIT: Win32.Padodor.V
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Padodor.AB
APEX: Malicious
ClamAV: Win.Trojan.Crypted-36
Kaspersky: Backdoor.Win32.Padodor.gen
BitDefender: Gen:Trojan.ShellObject.g8W@aG4fkNb
NANO-Antivirus: Trojan.Win32.Padodor.jzwmkr
Avast: Win32:Padodor-V [Trj]
Tencent: Backdoor.Win32.Padodor.kp
TACHYON: Backdoor/W32.Padodor
Emsisoft: Gen:Trojan.ShellObject.g8W@aG4fkNb (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen2
DrWeb: BackDoor.Wdozer
Zillya: Trojan.PadodorGen.Win32.2
Trapmine: malicious.high.ml.score
Sophos: Mal/Padodor-A
Ikarus: Trojan.Crypt
Jiangmin: Backdoor.Padodor.bdwe
Google: Detected
Avira: TR/Crypt.ZPACK.Gen2
Varist: W32/Backdoor.DKIC-2994
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.1000
Microsoft: Backdoor:Win32/Padodor.SK!MTB
Arcabit: Trojan.ShellObject.ED9EAF
ZoneAlarm: Backdoor.Win32.Padodor.gen
GData: Gen:Trojan.ShellObject.g8W@aG4fkNb
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
BitDefenderTheta: AI:Packer.44E7344521
ALYac: Gen:Trojan.ShellObject.g8W@aG4fkNb
MAX: malware (ai score=85)
VBA32: Backdoor.Padodor
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Backdoor.Berbew!8.115 (TFE:3:QiBb7Shd7yJ)
SentinelOne: Static AI - Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.BJQV!tr
AVG: Win32:Padodor-V [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)
alibabacloud: Backdoor:Win/Berbew.4302a47d

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • Choose "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
