
About “IL:Trojan.MSILZilla.11606” infection


IL:Trojan.MSILZilla.11606 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.11606 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify IL:Trojan.MSILZilla.11606?


File Info:

name: C68EE435F812078311E9.mlw
path: /opt/CAPEv2/storage/binaries/9cb3d1f74e3c8be0bfdd019709d4bb13855dcd5b2c765f8574a4463409224128
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2089-09-15 16:25:34

Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft .NET Framework 3.5 Setup
CompanyName: Microsoft Corporation
FileDescription: Microsoft .NET Framework 3.5 Setup
FileVersion: 3.5.21022.8
InternalName: ConsoleApp5.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: ConsoleApp5.exe
ProductName: Microsoft .NET Framework 3.5
ProductVersion: 3.5.21022.8
Assembly Version: 3.5.21022.8

IL:Trojan.MSILZilla.11606 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILZilla.11606
FireEye: IL:Trojan.MSILZilla.11606
ALYac: IL:Trojan.MSILZilla.11606
Cylance: Unsafe
BitDefenderTheta: Gen:NN.ZemsilF.34062.Sm0@aqCewoj
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.JQJ
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Downloader.MSIL.Seraph.gen
BitDefender: IL:Trojan.MSILZilla.11606
Avast: Win32:DropperX-gen [Drp]
Ad-Aware: IL:Trojan.MSILZilla.11606
Emsisoft: IL:Trojan.MSILZilla.11606 (B)
Sophos: ML/PE-A
Ikarus: Trojan.Injector
GData: IL:Trojan.MSILZilla.11606
MaxSecure: Trojan.Malware.300983.susgen
Avira: HEUR/AGEN.1124741
Arcabit: IL:Trojan.MSILZilla.D2D56
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win.AgentTesla.C4802733
MAX: malware (ai score=82)
Malwarebytes: Trojan.Crypt.MSIL.Generic
APEX: Malicious
SentinelOne: Static AI – Malicious PE
eGambit: Trojan.Generic
Fortinet: MSIL/Agent.JQJ!tr
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/GdSda.A

How to remove IL:Trojan.MSILZilla.11606?

IL:Trojan.MSILZilla.11606 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
