Trojan.ReverseShell removal

Trojan.ReverseShell is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Trojan.ReverseShell virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan.ReverseShell?

File Info:

name: 7AAD8038792C4F4B4DDC.mlw
path: /opt/CAPEv2/storage/binaries/e6240711336dc9f1a24408cf0b912cac36e4c66528147fc30e356ff16a3d1c15
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-08-11 12:50:59

Version Info:

0: [No Data]

Trojan.ReverseShell also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.61255967
FireEye: Generic.mg.7aad8038792c4f4b
ALYac: Trojan.GenericKD.61255967
Cylance: Unsafe
Zillya: Trojan.ReverseShell.Win32.97
K7AntiVirus: Trojan ( 00596ded1 )
Alibaba: Trojan:Win32/ReverseShell.c6a1e03e
K7GW: Trojan ( 00596ded1 )
Cybereason: malicious.15c7f6
Cyren: W32/Rozena.EF.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/ReverseShell.AG
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
BitDefender: Trojan.GenericKD.61255967
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.GenericKD.61255967
Emsisoft: Trojan.GenericKD.61255967 (B)
VIPRE: Trojan.GenericKD.61255967
TrendMicro: TROJ_GEN.R002C0PHD22
McAfee-GW-Edition: RDN/Real Protect-LS
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.61255967
Jiangmin: Trojan.CoinMiner.kv
Avira: TR/Redcap.ihbrg
Antiy-AVL: Trojan/Generic.ASMalwS.7A61
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: RDN/Real Protect-LS
MAX: malware (ai score=89)
VBA32: Trojan.ClipSpy
Malwarebytes: Trojan.ReverseShell
TrendMicro-HouseCall: TROJ_GEN.R002C0PHD22
Rising: Trojan.ReverseShell!8.5EA1 (CLOUD)
Ikarus: Win32.Outbreak
MaxSecure: Trojan.Malware.186679034.susgen
Fortinet: W32/Agent.ABUR!tr
BitDefenderTheta: Gen:NN.ZexaF.34592.c0Y@aCcXtMk
AVG: Win32:Trojan-gen

How to remove Trojan.ReverseShell?

Trojan.ReverseShell removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
