Should I remove “Generic.ShellCode.Donut.Marte.2.20C4569E”?

Malware Removal

Generic.ShellCode.Donut.Marte.2.20C4569E is a detection name that many antivirus engines flag as malicious (see the list of vendor names below). The "Donut" in the name refers to the Donut shellcode loader, an open-source tool that wraps a payload (an EXE, DLL or .NET assembly) in position-independent shellcode which decrypts and runs it in memory. The flagged file is therefore a loader; the real payload is whatever it carries. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; it allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What can Generic.ShellCode.Donut.Marte.2.20C4569E do?

These indicators come from a CAPE sandbox run of the sample (the CAPEv2 storage path appears in the file info below):

  • The binary contains a PE section name that is not one of the standard compiler-generated names, which is indicative of packing.
  • The binary likely contains encrypted or compressed data (sections with high entropy).
  • The Authenticode signature is invalid, so the file cannot be trusted on the basis of its signature.
  • CAPE's "shellcode get eip" signature matched: the code obtains its own address at run time, the technique position-independent shellcode uses to locate itself in memory.
  • YARA rules matched in process memory dumps, extracted payloads or dropped files.

How to identify Generic.ShellCode.Donut.Marte.2.20C4569E?

File Info:

name: 4D2302E6F18E7B1C414B.mlw
path: /opt/CAPEv2/storage/binaries/dad5a7c6e0da672ccac845b015a9438dd2f6211a8f78bfa14cbf96829d9e94e5
crc32: CA2C039A
md5: 4d2302e6f18e7b1c414b3cb0303420fa
sha1: 89b8494aa755bbf0d72155bfcdbc1bf1b0063992
sha256: dad5a7c6e0da672ccac845b015a9438dd2f6211a8f78bfa14cbf96829d9e94e5
sha512: a10b7fb0d368ef5e38f27cdaa71423fff15366fe035d66a1e1845d2194cd4a0800e1f40680e066b8a98e7ee0dbdfd1cebf83d20fed1bcd7ab24c6cb2486d3c0e
ssdeep: 24576:6c2brHriyGMokSdaPKhF+ECHpGD5W953ssIB3iEJ9Olk3GrwsTEo8reHo9Ky0OvJ:0vHri5Mo/AECJSm5+5iEJ8lk2rwJo8re
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1F1550151F6D2D032D1E2217096BEA7A21C3C57304B6246EB73DC2D5DAFB06C06AB5B27
sha3_384: 4c9b848a69a9f80211373edc52812e0c845ce5cb55648ba0c0a6af18aea6def611edc7c84d695e6216d1bf6505a7ade4
ep_bytes: e890030000e987feffff558bec6a00ff
timestamp: 2018-07-25 04:58:32

Note: ep_bytes are the first 16 bytes at the PE entry point, and the timestamp is the TimeDateStamp field of the PE header, which the author of the file can set to any value; use the hashes and ssdeep/tlsh values above to identify the file, not the timestamp.

Version Info:

0: [No Data]
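The following script is an added example and is not code from GridinSoft, CAPE or the Donut project. It performs the checks behind the indicators and file info above: it compares a file's MD5/SHA-1/SHA-256 with the page's IOCs, flags PE section names outside the usual compiler defaults, measures per-section Shannon entropy (high values suggest packed or encrypted data), extracts the 16 entry-point bytes (ep_bytes) and decodes the header timestamp. The PE it runs on is constructed in-line so the script works offline; that stand-in, its section name ".pck0" and the KNOWN_SECTIONS allow-list are assumptions, and only the ep_bytes and timestamp values are copied from the File Info block.

```python
"""Added example (not GridinSoft's, CAPE's or Donut's code): PE32 triage of the
indicators listed on the page, run against a constructed stand-in PE."""
import hashlib
import math
import struct
from collections import Counter
from datetime import datetime, timezone

# IOCs copied from the page's File Info section.
PAGE_IOCS = {
    "md5": "4d2302e6f18e7b1c414b3cb0303420fa",
    "sha1": "89b8494aa755bbf0d72155bfcdbc1bf1b0063992",
    "sha256": "dad5a7c6e0da672ccac845b015a9438dd2f6211a8f78bfa14cbf96829d9e94e5",
}
# Assumed allow-list: names common compilers/linkers emit; anything else is "unknown".
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".bss", ".idata", ".edata",
                  ".rsrc", ".reloc", ".tls", ".pdata", ".CRT"}


def hashes(data: bytes) -> dict:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def matches_page_iocs(data: bytes) -> bool:
    return hashes(data) == PAGE_IOCS


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 .. 8.0); packed/encrypted data sits near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> NT headers -> section table; PE32 (32-bit) only."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, link_time, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled in this example")
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections, ep_bytes = [], b""
    for i in range(nsections):
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        raw = data[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "va": va, "entropy": round(entropy(raw), 2)})
        # ep_bytes: map the entry-point RVA to a file offset through the owning section.
        if va <= ep_rva < va + max(vsize, raw_size):
            off = raw_ptr + ep_rva - va
            ep_bytes = data[off:off + 16]
    return {
        "timestamp": datetime.fromtimestamp(link_time, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes.hex(),
        "sections": sections,
        "unknown_sections": [s["name"] for s in sections if s["name"] not in KNOWN_SECTIONS],
        "high_entropy_sections": [s["name"] for s in sections if s["entropy"] > 7.0],
    }


def build_sample_pe() -> bytes:
    """Constructed stand-in (assumption, NOT the page's sample): a normal .text plus
    one unknown section filled with uniform bytes. Only ep_bytes and the
    timestamp are copied from the page's File Info."""
    ep_bytes = bytes.fromhex("e890030000e987feffff558bec6a00ff")
    link_time = 1532494712                                  # 2018-07-25 04:58:32 UTC
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)      # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, link_time, 0, 0, 0xE0, 0x0102)
    opt = (struct.pack("<H", 0x10B) + b"\0" * 14 + struct.pack("<I", 0x1000)).ljust(0xE0, b"\0")
    sec_text = struct.pack("<8sIIII", b".text", 0x200, 0x1000, 0x200, 0x200).ljust(40, b"\0")
    sec_pck = struct.pack("<8sIIII", b".pck0", 0x800, 0x2000, 0x800, 0x400).ljust(40, b"\0")
    headers = (dos + b"PE\0\0" + coff + opt + sec_text + sec_pck).ljust(0x200, b"\0")
    text = ep_bytes.ljust(0x200, b"\0")          # entry point at RVA 0x1000 -> file offset 0x200
    packed = bytes(range(256)) * 8               # uniform bytes: entropy 8.0, like encrypted data
    return headers + text + packed


if __name__ == "__main__":
    sample = build_sample_pe()
    print("matches page IOCs:", matches_page_iocs(sample))
    for key, value in parse_pe(sample).items():
        print(f"{key}: {value}")
```

Run it against a real suspect file by replacing `build_sample_pe()` with `open(path, "rb").read()`; a hash match with PAGE_IOCS identifies exactly this sample, while the unknown-section and entropy findings reproduce the first two sandbox indicators for any packed loader, not only this one.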

Generic.ShellCode.Donut.Marte.2.20C4569E is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: Windows.Trojan.Donutloader
MicroWorld-eScan: Generic.ShellCode.Donut.Marte.2.20C4569E
Skyhigh: BehavesLike.Win32.BumbleBee.tc
McAfee: Artemis!4D2302E6F18E
Sangfor: Trojan.Win32.Save.a
Arcabit: Generic.ShellCode.Donut.Marte.2.20C4569E
ClamAV: Win.Dropper.TrickBot-10007885-0
Kaspersky: HEUR:Trojan.Win64.Donut.a
BitDefender: Generic.ShellCode.Donut.Marte.2.20C4569E
Emsisoft: Generic.ShellCode.Donut.Marte.2.20C4569E (B)
F-Secure: Heuristic.HEUR/AGEN.1372127
VIPRE: Generic.ShellCode.Donut.Marte.2.20C4569E
Trapmine: malicious.high.ml.score
FireEye: Generic.ShellCode.Donut.Marte.2.20C4569E
Sophos: Generic ML PUA (PUA)
Jiangmin: Trojan.Donut.cqc
Google: Detected
Avira: HEUR/AGEN.1372127
ZoneAlarm: HEUR:Trojan.Win64.Donut.a
GData: Generic.ShellCode.Donut.Marte.2.20C4569E
Cynet: Malicious (score: 99)
ALYac: Generic.ShellCode.Donut.Marte.2.20C4569E
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.3751637098
Panda: Trj/Genetic.gen
Rising: Trojan.DonutLoader!1.E39F (CLASSIC)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
DeepInstinct: MALICIOUS

How to remove Generic.ShellCode.Donut.Marte.2.20C4569E?

Generic.ShellCode.Donut.Marte.2.20C4569E removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

Because Donut-style shellcode is only a loader, the flagged file may already have injected its payload into another process before it was detected. Quarantining the file alone is therefore not enough: run the full scan rather than only removing the detected file, and restart so that any injected code still running in memory is gone.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
