RiskWare.ShellCode (file analysis)

RiskWare.ShellCode is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the RiskWare.ShellCode virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify RiskWare.ShellCode?


File Info:

name: 50D972F19500CEA2732A.mlw
path: /opt/CAPEv2/storage/binaries/62f9b548c9cb7b07a094060e2be4810eac262330b2c428db42a157424640df39
crc32: 86612F5C
md5: 50d972f19500cea2732a322839e4221c
sha1: 504598d8ba9d6a51e23d7e6a96efafeb184c2fee
sha256: 62f9b548c9cb7b07a094060e2be4810eac262330b2c428db42a157424640df39
sha512: 7bbb2659b0794d86506005ce3203b38aaf4a45b744f0f99c504b550df6b7b8be9a30d52034ea47816362f8cd656bd32fa72c42f68cb424872627e666641ba82f
ssdeep: 6144:n8hil6j816NMInefEiD6JM1PicZv47do1u6DfYQyjs5pun9VKEyzGWEFG:Dy816NMInefEiD6G16cZv47W1un9eco
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1AE647E10B9C08433C6773C310775E6B14DADA8302E606F9F97A81A759F34691EA39B6F
sha3_384: 8e59b01d7caae00031d9b9d0f3135de41d4426eae57bdc58471272a095c20614b2a7d6e4c2ae161bf867affcde75c7a2
ep_bytes: e8dc060000e917feffff558bec6a00ff
timestamp: 2022-01-14 10:11:24

Version Info:

0: [No Data]

RiskWare.ShellCode also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Fugrafa.4!c
MicroWorld-eScan: Gen:Variant.Fugrafa.156491
FireEye: Gen:Variant.Fugrafa.156491
McAfee: RDN/Generic.grp
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
K7AntiVirus: Riskware ( 0055cad91 )
K7GW: Riskware ( 0055cad91 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/RiskWare.ShellExec.D
TrendMicro-HouseCall: TROJ_GEN.R03BH09B422
ClamAV: Win.Exploit.Dcom-9859535-0
BitDefender: Gen:Variant.Fugrafa.156491
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Fugrafa.Svrl
Ad-Aware: Gen:Variant.Fugrafa.156491
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.Generic.fh
Emsisoft: Gen:Variant.Fugrafa.156491 (B)
GData: Gen:Variant.Fugrafa.156491
Antiy-AVL: Trojan/Generic.ASMalwS.3524534
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Fugrafa.D2634B
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R436254
ALYac: Gen:Variant.Fugrafa.156491
MAX: malware (ai score=80)
Malwarebytes: RiskWare.ShellCode
APEX: Malicious
Rising: Malware.Heuristic!ET#80% (RDMK:cmRtazoaAJY/tx2V345PAQMPyVxW)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/ShellExec
AVG: Win32:Malware-gen

How to remove RiskWare.ShellCode?

RiskWare.ShellCode removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
