How to remove “Generic.Exploit.Shellcode.3.975597C5”?

Malware Removal

The Generic.Exploit.Shellcode.3.975597C5 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Generic.Exploit.Shellcode.3.975597C5 virus can do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX

How to determine Generic.Exploit.Shellcode.3.975597C5?


File Info:

crc32: 409059EC
md5: 4240b0ddcfaed35cc32bbe18f042d87a
name: 4240B0DDCFAED35CC32BBE18F042D87A.mlw
sha1: 81969db2b26115726c1a918fdbaf731480624086
sha256: e32fffcc04371c582ec9bdbc787b3301eef04a98b9741b94fb1aebf1d4215f15
sha512: ff93f3eb700a4b5edba95cb3530b8777b579c6f49c7fa4b6be3e0493b252376099f439b5e1d070e20c7d26f8771574e8947a70eb4cab202a774c8c32bd7534bd
ssdeep: 768:Io5h3zIJ++x8IWt3Ftkt2B5Vx6S5tt88OXFPf54xhBGsCzH6wHyf1Mhq3:Io/MPCIO3HrVXNGFgSHzH1K1Mq3
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright 2009 The Apache Software Foundation.
InternalName: ab.exe
FileVersion: 2.2.14
CompanyName: Apache Software Foundation
Comments: Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
ProductName: Apache HTTP Server
ProductVersion: 2.2.14
FileDescription: ApacheBench command line utility
OriginalFilename: ab.exe
Translation: 0x0409 0x04b0

Generic.Exploit.Shellcode.3.975597C5 also known as:

BkavW32.AIDetect.malware2
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
CAT-QuickHealTrojan.GenericRI.S18206508
ALYacGeneric.Exploit.Shellcode.3.975597C5
CylanceUnsafe
CrowdStrikewin/malicious_confidence_80% (D)
Cybereasonmalicious.dcfaed
CyrenW32/Swrort.B.gen!Eldorado
SymantecPacked.Generic.347
ESET-NOD32a variant of Win32/Rozena.ED
APEXMalicious
AvastWin32:Evo-gen [Susp]
ClamAVWin.Trojan.Swrort-5710536-0
KasperskyHEUR:Trojan.Win32.Generic
BitDefenderGeneric.Exploit.Shellcode.3.975597C5
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
MicroWorld-eScanGeneric.Exploit.Shellcode.3.975597C5
TencentMalware.Win32.Gencirc.10b3f98b
Ad-AwareGeneric.Exploit.Shellcode.3.975597C5
SophosML/PE-A + Mal/EncPk-ND
ComodoTrojWare.Win32.Rozena.A@4jwdqr
BitDefenderThetaGen:NN.ZexaF.34266.cmKfa0rFQGii
TrendMicroBackdoor.Win32.SWRORT.SMAL01
McAfee-GW-EditionSwrort.d
FireEyeGeneric.mg.4240b0ddcfaed35c
EmsisoftGeneric.Exploit.Shellcode.3.975597C5 (B)
SentinelOneStatic AI – Malicious PE
AviraTR/Crypt.ZPACK.Gen
eGambitUnsafe.AI_Score_99%
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
ArcabitGeneric.Exploit.Shellcode.3.975597C5
GDataWin32.Trojan.PSE.11T0LTG
AhnLab-V3Backdoor/Win32.Bifrose.R12476
Acronissuspicious
McAfeeSwrort.d
MAXmalware (ai score=82)
VBA32Trojan.Swrort
MalwarebytesTrojan.Rozena
PandaTrj/Genetic.gen
TrendMicro-HouseCallBackdoor.Win32.SWRORT.SMAL01
RisingHackTool.Swrort!1.6477 (CLASSIC)
YandexTrojan.GenAsa!O0/tdGI4TGA
IkarusExploit.PDF
MaxSecureTrojan.Malware.300983.susgen
FortinetMalwThreat!0971IV
AVGWin32:Evo-gen [Susp]

How to remove Generic.Exploit.Shellcode.3.975597C5?

Generic.Exploit.Shellcode.3.975597C5 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment