Should I remove “IL:Trojan.MSILZilla.11309”?

The IL:Trojan.MSILZilla.11309 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.11309 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.11309?


File Info:
name: 794C9BDAC2F7A1623A51.mlw
path: /opt/CAPEv2/storage/binaries/0400ae208938328fccaf488391bda7e7d072644bd5851ebfe09608b2e358e7b0
crc32: 3FE65B1D
md5: 794c9bdac2f7a1623a51483a220047b1
sha1: 6c654efa5d35ae7895de07a8a1b636383d31a8fd
sha256: 0400ae208938328fccaf488391bda7e7d072644bd5851ebfe09608b2e358e7b0
sha512: 3c73942d775028dee411b3a41e6025b80e00f128a71708e3818d19d506caf20c959256d0f2b92a0120977504f8d7c1191e2863d6cb92a07a55ba7454c4685fca
ssdeep: 1536:hWBWgddmMl7Z32hLWNTJhxiQACPStqzZw9ep3RA:07mMl7Z38axiQACLG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14A14D5E026F0C25AC6C05772C8A3B3B833749E5CDA314B976564B2EE357B61909364FE
sha3_384: 4ca655a31bfff5d626df85c2789ff118e13be4b54521d391048fe8e0e6fb38725ccebb244dc66c2fa42fd0b394761f3e
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-11-23 18:57:59

Version Info:
Translation: 0x0000 0x04b0
Comments: Microsoft Teams
CompanyName: Microsoft Corporation
FileDescription: Microsoft Teams
FileVersion: 1.10.68.0
InternalName: ConsoleApp1.exe
LegalCopyright: Microsoft Corporation
LegalTrademarks: 
OriginalFilename: ConsoleApp1.exe
ProductName: Microsoft Teams
ProductVersion: 1.10.68.0
Assembly Version: 1.10.68.0

IL:Trojan.MSILZilla.11309 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Cylance	Unsafe
Cybereason	malicious.ac2f7a
Cyren	W32/MSIL_Kryptik.DZK.gen!Eldorado
Symantec	MSIL.Downloader!gen5
ESET-NOD32	a variant of MSIL/GenKryptik.FOEG
APEX	Malicious
Kaspersky	HEUR:Trojan-Downloader.MSIL.Seraph.gen
BitDefender	IL:Trojan.MSILZilla.11309
MicroWorld-eScan	IL:Trojan.MSILZilla.11309
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	IL:Trojan.MSILZilla.11309
Emsisoft	IL:Trojan.MSILZilla.11309 (B)
FireEye	Generic.mg.794c9bdac2f7a162
GData	IL:Trojan.MSILZilla.11309
Avira	HEUR/AGEN.1122303
MAX	malware (ai score=80)
Arcabit	IL:Trojan.MSILZilla.D2C2D
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3	Trojan/Win.BackDoor.C4799410
ALYac	IL:Trojan.MSILZilla.11309
Malwarebytes	Trojan.MCrypt.MSIL.Generic
TrendMicro-HouseCall	TROJ_GEN.R06CH0CKR21
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_79%
BitDefenderTheta	Gen:NN.ZemsilF.34062.mm0@aqNgb1
AVG	Win32:MalwareX-gen [Trj]
MaxSecure	Trojan.Malware.300983.susgen

How to remove IL:Trojan.MSILZilla.11309?

IL:Trojan.MSILZilla.11309 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X