Generic.ShellCode.Donut.Marte.2.31CFA527 removal guide

The Generic.ShellCode.Donut.Marte.2.31CFA527 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Generic.ShellCode.Donut.Marte.2.31CFA527 virus do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • CAPE detected the "shellcode get eip" malware family.
  • Yara detections were observed in process dumps, payloads or dropped files.

How to identify Generic.ShellCode.Donut.Marte.2.31CFA527?

File Info:

name: 6A1233F5B4188A043F1A.mlw
path: /opt/CAPEv2/storage/binaries/2fabf8bfc66d6e751a14a87a13a56c5b29b6b2dedd8fa6431a3c4450532374dd
crc32: 66CCF556
md5: 6a1233f5b4188a043f1a0f61de425e42
sha1: 61c5fd34a0e93c205e5a8c76bcf4f7398170ebd7
sha256: 2fabf8bfc66d6e751a14a87a13a56c5b29b6b2dedd8fa6431a3c4450532374dd
sha512: a34143aecc0747331ecfe5cd7271feb6113971389bfb8072102a3ba4352371f8934916efb8203bf3513aae054255143dcee4faee80df20a2feaa9d2b4d4394ff
ssdeep: 24576:xc2brHriyGMokSdaPKhF+EC7pRliyYDBuZeq56WA20dEQjF+pI:RvHri5Mo/AEClXKBusq56WOdV
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T14D15E051F6D2C033D1E311749ABDA7A2183827344B2245E7B7DC5D6EAFB06C16A70B27
sha3_384: e97d41ef42fccf76fb3002620c9bddd8a012dd3a6e0dff3a06acdf2f01412af3ad161079235d4e8c8064d53340bd0c96
ep_bytes: e890030000e987feffff558bec6a00ff
timestamp: 2018-07-25 04:58:32

Version Info:

0: [No Data]

Generic.ShellCode.Donut.Marte.2.31CFA527 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Generic.ShellCode.Donut.Marte.2.31CFA527
FireEye: Generic.ShellCode.Donut.Marte.2.31CFA527
Skyhigh: BehavesLike.Win32.BumbleBee.dc
McAfee: Artemis!6A1233F5B418
Malwarebytes: Malware.AI.3751637098
Sangfor: Trojan.Win32.Save.a
Elastic: Windows.Trojan.Donutloader
ClamAV: Win.Dropper.TrickBot-10007885-0
Kaspersky: HEUR:Trojan.Win64.Donut.a
BitDefender: Generic.ShellCode.Donut.Marte.2.31CFA527
Emsisoft: Generic.ShellCode.Donut.Marte.2.31CFA527 (B)
VIPRE: Generic.ShellCode.Donut.Marte.2.31CFA527
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
MAX: malware (ai score=87)
Jiangmin: Trojan.Donut.cqc
Google: Detected
Microsoft: PUA:Win32/Presenoker
Arcabit: Generic.ShellCode.Donut.Marte.2.31CFA527
ZoneAlarm: HEUR:Trojan.Win64.Donut.a
GData: Generic.ShellCode.Donut.Marte.2.31CFA527
ALYac: Generic.ShellCode.Donut.Marte.2.31CFA527
Panda: Trj/Genetic.gen
Rising: Trojan.DonutLoader!1.E39F (CLASSIC)
SentinelOne: Static AI – Suspicious PE
DeepInstinct: MALICIOUS

How to remove Generic.ShellCode.Donut.Marte.2.31CFA527?

Generic.ShellCode.Donut.Marte.2.31CFA527 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.