Should I remove “Generic.ShellCode.Marte.H.3AF9922B”?

The Generic.ShellCode.Marte.H.3AF9922B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.ShellCode.Marte.H.3AF9922B virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Generic.ShellCode.Marte.H.3AF9922B?


File Info:
name: 244EE5252D81D2F5DD23.mlw
path: /opt/CAPEv2/storage/binaries/1d295f639c3db05ab5054f726cf8764e8d716af4a1fa1fd83ad993f3ad21298b
crc32: ACA97A0B
md5: 244ee5252d81d2f5dd232e96e067a4ae
sha1: d868b67ffa3628df58b60c331f7f4b3f1001b28f
sha256: 1d295f639c3db05ab5054f726cf8764e8d716af4a1fa1fd83ad993f3ad21298b
sha512: 39dbe65ddd314cb968d844b61544bb3a804a325b21ace9ba0785daeeb66e9b66c522947777036daa4ba7e6e92c7bd8222d178afb52b7433f770dc4f7ab948978
ssdeep: 768:iixxQNwPa7MEEUO3d7T9CIqxBashm4hM6tcdO6T4PrDbvmr//02xvxQpy:iEnPOjK0dzfKMPrDDmAkiy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF43E66BB1D4D6A6D456D5F0F4A683F09631EDA181AA510B5F60FC0CBE713A1FA2C32C
sha3_384: 3f9550dad133a542b81a989750ab6a98e37beaef05d6ee7bf3d985471ed3473ef5c52e7dfafc961e8e58edef0e635395
ep_bytes: 5589e583ec08c7042402000000ff1544
timestamp: 2007-09-14 03:40:50

Version Info:
CompanyName: Gennady Feldman
FileDescription: Win32Pad - my notepad replacement
FileVersion: 1.5.10.4
InternalName: Win32Pad
LegalCopyright: Copyright (c) 1999-2007 by Gennady Feldman
LegalTrademarks: 
OriginalFilename: Win32Pad.EXE
ProductName: Win32Pad
ProductVersion: 1.5.10.4
Translation: 0x0409 0x04b0

Generic.ShellCode.Marte.H.3AF9922B also known as:

Lionic	Trojan.Win32.DeepScan.4!c
Elastic	Windows.Trojan.Metasploit
MicroWorld-eScan	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
FireEye	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
Skyhigh	BehavesLike.Win32.Virus.qm
ALYac	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
Malwarebytes	Generic.Malware/Suspicious
VIPRE	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
Sangfor	HackTool.Win32.Reverse_Bin_v2_5_through_v4_x.uwccg
BitDefender	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
Symantec	Trojan.Gen.MBT
APEX	Malicious
Kaspersky	UDS:Trojan.Win32.Generic
Alibaba	Trojan:Win32/CobaltStrike.5c89
Rising	HackTool.Swrort!1.6477 (CLASSIC)
Emsisoft	DeepScan:Generic.ShellCode.Marte.H.3AF9922B (B)
TrendMicro	Backdoor.Win32.COBEACON.SMJMAC
Sophos	Mal/Generic-S
Ikarus	Virus.Win32.Virut
GData	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
Google	Detected
Antiy-AVL	Trojan/Win32.Rozena.ed
Arcabit	DeepScan:Generic.ShellCode.Marte.H.3AF9922B
ZoneAlarm	UDS:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Swrort.A
Cynet	Malicious (score: 100)
McAfee	Artemis!244EE5252D81
MAX	malware (ai score=85)
DeepInstinct	MALICIOUS
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.121218.susgen
AVG	Win32:Swrort-S [Trj]
Avast	Win32:Swrort-S [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Generic.ShellCode.Marte.H.3AF9922B?

Generic.ShellCode.Marte.H.3AF9922B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X