What is “IL:Trojan.MSILMamut.12788”?

The IL:Trojan.MSILMamut.12788 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILMamut.12788 virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine IL:Trojan.MSILMamut.12788?


File Info:
name: B53458E8B1DF885B08DB.mlw
path: /opt/CAPEv2/storage/binaries/758efd231aa48a7371fb2af68e3d9d1ad3dfa681e8e67f4a5b976021157aa87d
crc32: 7D9C278D
md5: b53458e8b1df885b08db2a299d5360de
sha1: 6b4a4c7d88ffb66caece340cc72444749d8e41c9
sha256: 758efd231aa48a7371fb2af68e3d9d1ad3dfa681e8e67f4a5b976021157aa87d
sha512: a8a850d59f2bc9df29bc1701fe45c6f7b848be35de0e9ba994bb36c1a8df8d77e9533c4b7b68912d7265881bf24a42fd1aa2a37fb53442b18f1fc9eeda4ec58a
ssdeep: 98304:i7fJIm6fp91RcfRen3jQXdEFH5rrFbPjyWaXdoa1R9w8yWSN:sRIjf/SQgdKHhFydo1Z
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BB263380777A1E06FBAFDB7D24E00A99D973A35B8000EBAD114D25969C3F2D2A075D37
sha3_384: e8a11864bb22780a03995468ed15d396a7b8b7a9e4aa1bfa4775284cb467eeb75cdeaf9af795db4ab1cfdd20887043cf
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-07-03 14:17:32

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 174IPS-Simulator.StartTool
FileVersion: 0.0.0.0
InternalName: 174IPS-Simulator.StartTool.exe
LegalCopyright: Copyright © 2015-2019
LegalTrademarks: 
OriginalFilename: 174IPS-Simulator.StartTool.exe
ProductName: 174IPS-Simulator
ProductVersion: 1.0.0.e7ca35c
Assembly Version: 0.0.0.0

IL:Trojan.MSILMamut.12788 also known as:

Lionic	Trojan.Win32.Mamut.4!c
MicroWorld-eScan	IL:Trojan.MSILMamut.12788
FireEye	IL:Trojan.MSILMamut.12788
ALYac	IL:Trojan.MSILMamut.12788
Malwarebytes	Generic.Malware/Suspicious
VIPRE	IL:Trojan.MSILMamut.12788
Sangfor	Trojan.Win32.Agent.V89c
Symantec	Trojan.Gen.MBT
APEX	Malicious
BitDefender	IL:Trojan.MSILMamut.12788
Avast	Win32:TrojanX-gen [Trj]
McAfee-GW-Edition	GenericRXVR-VM!B53458E8B1DF
Emsisoft	IL:Trojan.MSILMamut.12788 (B)
Ikarus	Trojan.Crypt
GData	IL:Trojan.MSILMamut.12788
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Win32.SGeneric
Arcabit	IL:Trojan.MSILMamut.D31F4
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
McAfee	GenericRXVR-VM!B53458E8B1DF
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H06G323
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove IL:Trojan.MSILMamut.12788?

IL:Trojan.MSILMamut.12788 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X