Trojan.WallyShack is Malwarebytes’ detection name for a trojan downloader written in Delphi.
Trojan.WallyShack gathers some basic information about the affected system and sends this to hardcoded C2 servers. Then it downloads and runs the payload.
We found Trojan.WallyShck used in a Magecart related attack where the payload was Trojan.StealthWorker.GO.
Malwarebytes protects users from Trojan.WallyShack by using real-time protection.
Malwarebytes can detect and remove Trojan.WallyShack without further user interaction.
Note that since Trojan.WallyShack is a downloader you may find additional malware if it has been active.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Select your language