How to remove “IL:Trojan.MSILZilla.12695”?

The IL:Trojan.MSILZilla.12695 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.12695 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.12695?


File Info:
name: 6ACD1B30FA6C53382D48.mlw
path: /opt/CAPEv2/storage/binaries/1276b0aef7850eb9121ec673cd7a3d9dd613432166ce4ee02f3c10c0c9730912
crc32: E398DAE5
md5: 6acd1b30fa6c53382d4832f5ce002ea7
sha1: 904b08df6fae55803225d7dfb428aa59dd322756
sha256: 1276b0aef7850eb9121ec673cd7a3d9dd613432166ce4ee02f3c10c0c9730912
sha512: 3f38b3e6419722921c835286dda1d2494295781450052314483fb661a137157fe227bebae006ddf60a4bba9adcf6992c557e51f3e56f8e03b0c901cbca0c0f3f
ssdeep: 24576:2lkjf9aTXEum7JIJAL1RWSWhf+rPXCJQNjdLvTh6PS1j+g7vkMzeQIgK92s3vJ7:UkjwTUJhP5W4PyGNBvNGgTcp42h
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D9A5D020B3A0B7D6D5A50F358C22668442FBDC532E35F65FACD936D92C71B168B2B213
sha3_384: e467e0fcc94f6438f240c404c56aa8552a617806855d3e2c388ecf3e8a25983983e28276e1b509aaa0b217a2371e4009
ep_bytes: ff250020400000000000000000000000
timestamp: 2012-06-25 09:52:00

Version Info:
Translation: 0x0000 0x04b0
Comments: IE2I9DA93:8HG4GI
CompanyName: =F=;:J749E=7A67
FileDescription: Google Chrome
FileVersion: 1.1.1.1
InternalName: 486123158.exe
LegalCopyright: Copyright © 1991 =F=;:J749E=7A67
OriginalFilename: 486123158.exe
ProductName: E=EI4J?A6BG9@C5G7D585H
ProductVersion: 1.1.1.1
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.12695 also known as:

Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	IL:Trojan.MSILZilla.12695
FireEye	Generic.mg.6acd1b30fa6c5338
McAfee	AgentTesla-FDAK!6ACD1B30FA6C
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.3591538
Sangfor	Trojan.Win32.Wacatac.B
K7AntiVirus	Trojan ( 005815471 )
Alibaba	Trojan:MSIL/Kryptik.5514ecbe
K7GW	Trojan ( 005815471 )
Symantec	MSIL.Packed.2
ESET-NOD32	a variant of MSIL/Kryptik.ACNQ
TrendMicro-HouseCall	TROJ_GEN.R002C0PJ321
Paloalto	generic.ml
BitDefender	IL:Trojan.MSILZilla.12695
Avast	Win32:RATX-gen [Trj]
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:yRpTwBTtCmyJc+eGwdtSpA)
Sophos	Mal/Generic-S
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0PJ321
McAfee-GW-Edition	AgentTesla-FDAK!6ACD1B30FA6C
SentinelOne	Static AI – Malicious PE
Emsisoft	IL:Trojan.MSILZilla.12695 (B)
Ikarus	Trojan.MSIL.Inject
Avira	HEUR/AGEN.1145638
Antiy-AVL	Trojan/Generic.ASMalwS.34A943A
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	IL:Trojan.MSILZilla.12695
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4606925
ALYac	IL:Trojan.MSILZilla.12695
Malwarebytes	Trojan.MZCrypt.MSIL.Generic
APEX	Malicious
MAX	malware (ai score=100)
Fortinet	MSIL/Kryptik.ACMJ!tr
AVG	Win32:RATX-gen [Trj]
CrowdStrike	win/malicious_confidence_70% (W)
MaxSecure	Trojan.Malware.300983.susgen

How to remove IL:Trojan.MSILZilla.12695?

IL:Trojan.MSILZilla.12695 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X