Malware

What is “Generic.Exploit.Shellcode.3.F691FAF2”?

Malware Removal

The Generic.Exploit.Shellcode.3.F691FAF2 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Generic.Exploit.Shellcode.3.F691FAF2 virus can do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to determine Generic.Exploit.Shellcode.3.F691FAF2?



File Info:

crc32: C8C7834C
md5: d9ed61267ae790e9639e12ef721480a4
name: D9ED61267AE790E9639E12EF721480A4.mlw
sha1: 2822680903fc2782a3db53f6cf74dd1aea544189
sha256: 954a21a5381ecf1eddbcc2258f799937a2f567c15973d64b9958d06d20ae8c99
sha512: 8ec83d507078aa80a8609f34f51cce78b25f8080d951392831b2f426898f7f555fc4947c91b85db128fb553cc89c701dd998a6ea60ebb3688a750b8bdbe488a7
ssdeep: 1536:IvyzL8Awy6DBQ6qnq8c4BBCIq40nUjSK3oEKZhMb+KR0Nc8QsJq39:+qnwvQ6p87BCIh0nUjSK3oEohe0Nc8Qb
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright 2009 The Apache Software Foundation.
InternalName: ab.exe
FileVersion: 2.2.14
CompanyName: Apache Software Foundation
Comments: Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
ProductName: Apache HTTP Server
ProductVersion: 2.2.14
FileDescription: ApacheBench command line utility
OriginalFilename: ab.exe
Translation: 0x0409 0x04b0

Generic.Exploit.Shellcode.3.F691FAF2 also known as:

BkavW32.FamVT.RorenNHc.Trojan
K7AntiVirusTrojan ( 004c49f81 )
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
CAT-QuickHealTrojan.Swrort.A
ALYacDeepScan:Generic.Exploit.Shellcode.3.F691FAF2
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaTrojan:Win32/Meterpreter.16ee1d08
K7GWTrojan ( 004c49f81 )
Cybereasonmalicious.67ae79
CyrenW32/Swrort.A.gen!Eldorado
SymantecPacked.Generic.347
ESET-NOD32a variant of Win32/Rozena.UL
APEXMalicious
AvastWin32:SwPatch [Wrm]
ClamAVWin.Trojan.Swrort-5710536-0
KasperskyHEUR:Trojan.Win32.Generic
BitDefenderDeepScan:Generic.Exploit.Shellcode.3.F691FAF2
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
ViRobotTrojan.Win32.Elzob.Gen
SUPERAntiSpywareTrojan.Backdoor-Shell
MicroWorld-eScanDeepScan:Generic.Exploit.Shellcode.3.F691FAF2
TencentWin32.Trojan.Generic.Wvaz
Ad-AwareDeepScan:Generic.Exploit.Shellcode.3.F691FAF2
SophosML/PE-A + ATK/EncPk-TZ
ComodoTrojWare.Win32.Rozena.A@4jwdqr
BitDefenderThetaGen:NN.ZexaF.34686.eq1@a8SXjWli
TrendMicroBKDR_SWRORT.SM
McAfee-GW-EditionBehavesLike.Win32.Swrort.lh
FireEyeGeneric.mg.d9ed61267ae790e9
EmsisoftDeepScan:Generic.Exploit.Shellcode.3.F691FAF2 (B)
SentinelOneStatic AI – Malicious PE
AviraTR/Patched.Gen2
MicrosoftTrojan:Win32/Meterpreter.A
GridinsoftTrojan.Win32.Swrort.zv!s2
ZoneAlarmHEUR:Trojan.Win32.Metla.a
GDataDeepScan:Generic.Exploit.Shellcode.3.F691FAF2
AhnLab-V3Trojan/Win32.Shell.R1283
Acronissuspicious
McAfeeSwrort.i
MAXmalware (ai score=87)
MalwarebytesTrojan.Rozena
TrendMicro-HouseCallBKDR_SWRORT.SM
RisingHackTool.Swrort!1.6477 (CLOUD)
YandexTrojan.Rosena.Gen.1
IkarusTrojan.Win32.Swrort
MaxSecureTrojan.Malware.300983.susgen
FortinetMalwThreat!df3bIV
AVGWin32:SwPatch [Wrm]
Paloaltogeneric.ml

How to remove Generic.Exploit.Shellcode.3.F691FAF2?

Generic.Exploit.Shellcode.3.F691FAF2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment