Generic.Exploit.Donut.2.33FF5282 malicious file

Generic.Exploit.Donut.2.33FF5282 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Exploit.Donut.2.33FF5282 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Binary compilation timestomping detected

How to identify Generic.Exploit.Donut.2.33FF5282?


File Info:

name: 0B5789C42335D9D5F77C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2086-03-17 00:24:29

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Console Compile Host
FileVersion: 1.0.0.0
InternalName: Console Compile Host.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Console Compile Host.exe
ProductName: Console Compile Host
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Generic.Exploit.Donut.2.33FF5282 also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Generic.Exploit.Donut.2.33FF5282
CrowdStrike: win/malicious_confidence_80% (D)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.ABQQ
APEX: Malicious
ClamAV: Win.Packed.Bulz-9877042-0
BitDefender: Generic.Exploit.Donut.2.33FF5282
MicroWorld-eScan: Generic.Exploit.Donut.2.33FF5282
Avast: Win32:CrypterX-gen [Trj]
Ad-Aware: Generic.Exploit.Donut.2.33FF5282
Sophos: ML/PE-A
DrWeb: BackDoor.AsyncRATNET.2
FireEye: Generic.mg.0b5789c42335d9d5
Emsisoft: Generic.Exploit.Donut.2.33FF5282 (B)
GData: Generic.Exploit.Donut.2.33FF5282
Arcabit: Generic.Exploit.Donut.2.33FF5282
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
MAX: malware (ai score=85)
SentinelOne: Static AI – Malicious PE
BitDefenderTheta: Gen:NN.ZemsilF.34294.zm0@a0qw65c
AVG: Win32:CrypterX-gen [Trj]
Cybereason: malicious.84b66a

How to remove Generic.Exploit.Donut.2.33FF5282?

Generic.Exploit.Donut.2.33FF5282 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
