Mal/Generic

Mal/Generic indicates that Sophos has detected malware.

Mal/Generic covers a class of automated malware detections. Due to the nature of automation a more specific attribution of malware family or attack type is not available. The majority of the detection in this class come from Sophos' cloud-based reputation database, which labels known bad files.

Malware stands for “malicious software” and can be one of many kinds of software built to harm systems and devices, steal information, or give an attacker control over the system and its information.

Common kinds of malware include:

• Ransomware: Encrypts key files and demands financial payment in return for decrypting them.
• Crimeware bots: Malware like Emotet and QBot which are used to sell access to compromised machines to other attackers or criminal groups such as ransomware groups.
• Cryptominers: Malware that hijacks computer CPU resources to “mine” cryptocurrency like Bitcoin or Monero for attackers’ financial gain.
• Distributed Denial of Service bots: Malicious code that makes a compromised system participate in Distributed Denial of Service (DDoS) attacks that attempt to take down websites or otherwise disrupt the internet.
• Downloaders and Droppers: Malicious code that attempts to download other malicious code like ransomware.
• Information Stealers: Capture keystrokes to gain personal information.
• Remote Access Trojans or Tools (RATs): Malicious software that gives attackers full control of your system.

You can find information on malware attacks on Sophos Naked Security here and the Sophos X-Ops blog here.

If you believe this detection is incorrect, please report this file to Sophos Support.