detection icon

Short bio

Exploit.ShellCode is Malwarebytes’ detection name for the initial payload dropped by attackers using certain server vulnerabilities.

Type and source of infection

Exploit.ShellCode are exploits being used by an attacker that allow them to escalate and maintain persistent access on an already compromised web application. Many of these are dropped by attackers using known vulnerabilities on iinternet-facing servers.


Once Exploit.ShellCode has been activated on a compromised system it can be used for lateral movement inside a network, and to drop further malware.


block Exploit.ShellCode

Malwarebytes blocks Exploit.ShellCode