Generic.ShellCode.PE.Marte.1.602AC594 malicious file

Generic.ShellCode.PE.Marte.1.602AC594 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.ShellCode.PE.Marte.1.602AC594 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Generic.ShellCode.PE.Marte.1.602AC594?


File Info:

name: 902402032971F2D7DD4D.mlw
path: /opt/CAPEv2/storage/binaries/1e1bfb6f0d6c9850d54813bf7580b0cd3b368d5772a9f0583351089572babe27
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-02-21 16:00:00

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z Setup SFX
FileVersion: 19.00
InternalName: 7zS.sfx
LegalCopyright: Copyright (c) 1999-2018 Igor Pavlov
OriginalFilename: 7zS.sfx.exe
ProductName: 7-Zip
ProductVersion: 19.00
Translation: 0x0409 0x04b0

Generic.ShellCode.PE.Marte.1.602AC594 also known as:

Bkav: W32.AIDetectMalware
DrWeb: BackDoor.Siggen2.4515
MicroWorld-eScan: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594
FireEye: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594
K7AntiVirus: Trojan ( 00596ade1 )
K7GW: Trojan ( 00596ade1 )
BitDefenderTheta: Gen:NN.ZexaF.36350.U8Z@aSCHEDb
Cyren: W32/Kryptik.ITT.gen!Eldorado
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik.FZDE
TrendMicro-HouseCall: TROJ_GEN.R03AC0PF223
Avast: Win32:TrojanX-gen [Trj]
Cynet: Malicious (score: 100)
Kaspersky: Trojan.VBS.Agent.bbj
BitDefender: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594
NANO-Antivirus: Trojan.Win32.Kryptik.jsjzdr
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1315171
VIPRE: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594
TrendMicro: TROJ_GEN.R03AC0PF223
McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
Emsisoft: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594 (B)
GData: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594
Jiangmin: Backdoor.Agent.lui
Avira: HEUR/AGEN.1315171
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: DeepScan:Generic.ShellCode.PE.Marte.1.602AC594 [many]
ZoneAlarm: Trojan.VBS.Agent.bbj
Microsoft: Trojan:Win32/Netwire.RPY!MTB
Google: Detected
VBA32: BScope.Backdoor.Agent
MAX: malware (ai score=81)
Malwarebytes: Generic.Malware.AI.DDS
APEX: Malicious
Rising: Trojan.Kryptik!1.E8E7 (CLASSIC)
Fortinet: W32/GenKryptik.FZDE!tr
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_60% (D)

How to remove Generic.ShellCode.PE.Marte.1.602AC594?

Generic.ShellCode.PE.Marte.1.602AC594 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
