Signature match: Trojan (appears legitimate but performs malicious actions), 64-bit Windows platform, family ShellcodeRunner
This is a concrete detection of a Win64 Trojan identified as ShellcodeRunner.SXD!MTB; the detection itself is produced by machine-learning behavioral analysis. Malware Bazaar intelligence indicates this specific variant functions as a CoinMiner, meaning it is designed to illicitly use system resources to mine cryptocurrency. This activity significantly degrades system performance and consumes unauthorized CPU, memory and power resources.
No detailed analysis available from definition files.
Sample hash: 2bb1e5407f5d17a03425fe3a70a0baaa47b693e38b003d777ef635ebad9f4d06

Immediately isolate the infected endpoint from the network. Conduct a full system scan using up-to-date anti-malware software to remove the threat and any dropped components. Investigate for persistence mechanisms, analyze network logs for connections to known mining pools or C2 servers (e.g., 94.154.35.227), and block these IPs at the network perimeter. Consider re-imaging the system if complete remediation cannot be confirmed.