Backdoor:Win32/Padodor.SK!MTB removal instruction

Backdoor:Win32/Padodor.SK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Padodor.SK!MTB virus do?

  • Sample contains Overlay data
  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor:Win32/Padodor.SK!MTB?

File Info:

name: 8DB33EA2BFE2A94A19DA.mlw
path: /opt/CAPEv2/storage/binaries/669b21c30314e5f2942550050890a9fcb47eb4ce0132e8bee628d7027f1da5af
crc32: 8906EACD
md5: 8db33ea2bfe2a94a19dad9d3cde59281
sha1: ce8b04575dd97c50d7b5cabc55b77a9fb465377d
sha256: 669b21c30314e5f2942550050890a9fcb47eb4ce0132e8bee628d7027f1da5af
sha512: 0ab2e380840c94bae36bbb0ef076c0783f712c7fe15341491f2b2c6af0a6a30adcdc2c3307725628c3fe893c5d6e619a77a81f220585f0549b94bcf4d4e095ca
ssdeep: 3072:jr1RjGdkw8ndHDSP5Nv5ugb3a3+X13XRz:7Gf8n29H7aOl3Bz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AAA38D5BF50A1E23CAF402B2E206B2BBFB2911AD5366DD104984D44F2E07DDF92BA547
sha3_384: 5957d931ea290c57d921b989b93b53080e50f9f32b19319076bf0ad0f427f9ffc3ce9f19a1b8ebc368eafb05ed58c39b
ep_bytes: 9090b800104000bb38de400090b90c35
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Backdoor:Win32/Padodor.SK!MTB is also known as (vendor: detection name):

  • Bkav: W32.AIDetectMalware
  • AVG: Win32:Padodor-V [Trj]
  • tehtris: Generic.Malware
  • MicroWorld-eScan: Gen:Trojan.ShellObject.g8X@aK5!lZo
  • FireEye: Generic.mg.8db33ea2bfe2a94a
  • Skyhigh: BehavesLike.Win32.Generic.cc
  • McAfee: GenericRXPE-AP!8CAAB68D159A
  • Malwarebytes: Generic.Malware.AI.DDS
  • VIPRE: Gen:Trojan.ShellObject.g8X@aK5!lZo
  • Sangfor: Trojan.Win32.Save.a
  • K7AntiVirus: Trojan ( 005780dd1 )
  • K7GW: Trojan ( 005780dd1 )
  • CrowdStrike: win/malicious_confidence_100% (D)
  • VirIT: Win32.Padodor.V
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: Win32/Padodor.AB
  • Cynet: Malicious (score: 100)
  • APEX: Malicious
  • ClamAV: Win.Dropper.Berbew-10009643-0
  • Kaspersky: Backdoor.Win32.Padodor.gen
  • BitDefender: Gen:Trojan.ShellObject.g8X@aK5!lZo
  • NANO-Antivirus: Trojan.Win32.Padodor.jtfhdt
  • Avast: Win32:Padodor-V [Trj]
  • Tencent: Backdoor.Win32.Padodor.kp
  • TACHYON: Backdoor/W32.Padodor
  • Sophos: Mal/Generic-S
  • F-Secure: Trojan.TR/Dropper.Gen
  • DrWeb: BackDoor.Wdozer
  • Zillya: Trojan.PadodorGen.Win32.17
  • Trapmine: malicious.high.ml.score
  • Emsisoft: Gen:Trojan.ShellObject.g8X@aK5!lZo (B)
  • Ikarus: Trojan.Crypt
  • Jiangmin: Backdoor.Padodor.exys
  • Varist: W32/Backdoor.DKIC-2994
  • Avira: TR/Dropper.Gen
  • Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
  • Kingsoft: malware.kb.a.1000
  • Microsoft: Backdoor:Win32/Padodor.SK!MTB
  • Arcabit: Trojan.ShellObject.E25A82
  • ZoneAlarm: Backdoor.Win32.Padodor.gen
  • GData: Win32.Trojan.PSE.15MS2TX
  • Google: Detected
  • AhnLab-V3: Win-Trojan/Berbew.51712
  • Acronis: suspicious
  • BitDefenderTheta: AI:Packer.51196B2721
  • ALYac: Gen:Trojan.ShellObject.g8X@aK5!lZo
  • MAX: malware (ai score=81)
  • VBA32: Backdoor.Padodor
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • Rising: Backdoor.Padodor!8.118 (TFE:5:7KxSiWwgENI)
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: W32/Agent.B077!tr
  • Cybereason: malicious.2bfe2a
  • DeepInstinct: MALICIOUS
  • alibabacloud: VirTool:Win/Obfuscate.FakeEp.DYN(dyn)

How to remove Backdoor:Win32/Padodor.SK!MTB?

Backdoor:Win32/Padodor.SK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.