Related blog content
New Golang brute forcer discovered amid rise in e-commerce attacks
How to protect your data from Magecart and other e-commerce attacks
Trojan.WallyShack is Malwarebytes’ detection name for a trojan downloader written in Delphi.
Trojan.WallyShack gathers some basic information about the affected system and sends this to hardcoded C2 servers. Then it downloads and runs the payload.
We found Trojan.WallyShck used in a Magecart related attack where the payload was Trojan.StealthWorker.GO.
Malwarebytes protects users from Trojan.WallyShack by using real-time protection.
Malwarebytes can detect and remove Trojan.WallyShack without further user interaction.
Note that since Trojan.WallyShack is a downloader you may find additional malware if it has been active.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Hash:
cbe74b47bd7ea953268b5df3378d11926bf97ba72d326d3ce9e0d78f3e0dc786
Domains:
snaphyteplieldup.xyz
tolmets.info
serversoftwarebase.com
Select your language