What is “IL:Trojan.MSILMamut.5478”?

The IL:Trojan.MSILMamut.5478 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILMamut.5478 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine IL:Trojan.MSILMamut.5478?


File Info:
name: A7534BD46F75CFAEFA47.mlw
path: /opt/CAPEv2/storage/binaries/ab03fc440b1743747001b6d1a0ce35294da82131d9039d090906c2e03c2d90b4
crc32: 563ECB0C
md5: a7534bd46f75cfaefa4779828cc1f7f3
sha1: 5c768869e2bd58df09254b991ea697871cc35979
sha256: ab03fc440b1743747001b6d1a0ce35294da82131d9039d090906c2e03c2d90b4
sha512: 37120a9e6fc0d9bd095dc68571be20bdd9bce768c1674a47704383fb6a971fca21f5f41747d5a04e4fb0a01c6d48e20b8052de2f1da51ff42afbdc760bf30ec5
ssdeep: 6144:LX5tvU31UuGrEMhAIK3/0F9WF9RpIY78LYkpZK/sM+Nc4oNnZsd+FRMlACkLkhLJ:Lfc3eNToNnZssFRKFL/cDKn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C4E4B81972E94A04E57BBB758FF1906583337A4EDA7FC71E008D82970BA3A00661B777
sha3_384: 1a739141b824afcbfe95085caad193ae8ecc8b5fb576a39c5ebabaf35b966210b16bd65b111b15545dab396c30fa46bf
ep_bytes: ff250020400020002e003f0000009021
timestamp: 2074-06-29 21:24:07

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Schedule_OnlineProcessing
FileVersion: 22.3.3.0
InternalName: Schedule_OnlineProcessing.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: Schedule_OnlineProcessing.exe
ProductName: Schedule_OnlineProcessing
ProductVersion: 22.3.3.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILMamut.5478 also known as:

Lionic	Trojan.Win32.Mamut.4!c
MicroWorld-eScan	IL:Trojan.MSILMamut.5478
ALYac	IL:Trojan.MSILMamut.5478
VIPRE	IL:Trojan.MSILMamut.5478
Cyren	W32/Mamut.F.gen!Eldorado
Symantec	Trojan.Gen.2
APEX	Malicious
ClamAV	Win.Malware.Msilmamut-9958031-0
BitDefender	IL:Trojan.MSILMamut.5478
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	IL:Trojan.MSILMamut.5478
Emsisoft	IL:Trojan.MSILMamut.5478 (B)
Comodo	Malware@#2cig7t35ti8h2
McAfee-GW-Edition	Artemis!Trojan
FireEye	IL:Trojan.MSILMamut.5478
GData	IL:Trojan.MSILMamut.5478
MAX	malware (ai score=82)
Arcabit	IL:Trojan.MSILMamut.D1566
ViRobot	Trojan.Win32.Z.Agent.692224.ANC
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
McAfee	GenericRXTS-OW!A7534BD46F75
Malwarebytes	Malware.AI.1090152556
TrendMicro-HouseCall	TROJ_GEN.R002H09GN22
Ikarus	Trojan.IL.MSILMamut
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat
AVG	Win32:TrojanX-gen [Trj]

How to remove IL:Trojan.MSILMamut.5478?

IL:Trojan.MSILMamut.5478 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X