Exploit.ShellCode

Short bio

Exploit.ShellCode is Malwarebytes' detection name for the initial payload dropped by attackers using certain server vulnerabilities.

Type and source of infection

Exploit.ShellCode are exploits being used by an attacker that allow them to escalate and maintain persistent access on an already compromised web application. Many of these are dropped by attackers using known vulnerabilities on iinternet-facing servers.

Aftermath

Once Exploit.ShellCode has been activated on a compromised system it can be used for lateral movement inside a network, and to drop further malware.

Protection

block Exploit.ShellCode

Malwarebytes blocks Exploit.ShellCode

Related blog content

Microsoft Exchange attacks cause panic as criminals go shell collecting

Patch now! Exchange servers attacked by Hafnium zero-days

Select your language

New Buy Online Partner Icon Warning Icon Edge icon