What is “IL:Trojan.MSILZilla.12830”?

The IL:Trojan.MSILZilla.12830 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.12830 virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.12830?


File Info:
name: AB4DAF0E359BF83EF474.mlw
path: /opt/CAPEv2/storage/binaries/f202f1cd72810d05ac000834ee9ffba3bf7f0582fb6534f0448c0f31b8ce8046
crc32: D961C06A
md5: ab4daf0e359bf83ef4747f7a20ad293e
sha1: 61f91f6246ea60d7b86abf307a4ac4c21cc32874
sha256: f202f1cd72810d05ac000834ee9ffba3bf7f0582fb6534f0448c0f31b8ce8046
sha512: 5c0a1f0f3e80e293fb95972da2d3bbf90af8d3a30e90db3a51c182e421f6050b18b5d4d01e668e51272f0d050331ff0cb6fd2eed3d3ed2d51e3ae92ae37c71d7
ssdeep: 24576:5RCJuON1QEU587MN88ufXM5hsZQCg9oS59C1FDN0LbAhhkjX:5RCQ8QEUGMSHvM51hG1rDN0Lb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F1550162047655DACF3E217CEA27AA7490186C661CB939A233E73D323FB2D56345D02F
sha3_384: b082d781386cc03abe2020d630416894896669a049eff54db23da16f7bfe26c4d7515f6c5a61d8fac7cb8879bc4915ae
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-06-16 14:18:01

Version Info:
Translation: 0x0000 0x04b0
Comments: WinRAR archiver
CompanyName: Alexander Roshal
FileDescription: WinRAR
FileVersion: 5.20.0.0
InternalName: trlalalalala.exe
LegalCopyright: Copyright © Alexander Roshal 1993-2014
OriginalFilename: trlalalalala.exe
ProductName: WinRAR
ProductVersion: 5.20.0.0
Assembly Version: 5.20.0.0

IL:Trojan.MSILZilla.12830 also known as:

MicroWorld-eScan	IL:Trojan.MSILZilla.12830
FireEye	Generic.mg.ab4daf0e359bf83e
McAfee	Artemis!AB4DAF0E359B
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.246ea6
BitDefenderTheta	Gen:NN.ZemsilF.36350.tn0@aCEciYiG
Symantec	Scr.Malcode!gdn33
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Injector.KFO
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.MSIL.Inject.gen
BitDefender	IL:Trojan.MSILZilla.12830
Avast	Win32:Malware-gen
Tencent	Msil.Trojan.Inject.Kcnw
Emsisoft	IL:Trojan.MSILZilla.12830 (B)
F-Secure	Heuristic.HEUR/AGEN.1308633
VIPRE	IL:Trojan.MSILZilla.12830
McAfee-GW-Edition	Artemis!Trojan
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	IL:Trojan.MSILZilla.12830
Avira	HEUR/AGEN.1308633
Arcabit	IL:Trojan.MSILZilla.D321E
ZoneAlarm	HEUR:Trojan.MSIL.Inject.gen
ALYac	IL:Trojan.MSILZilla.12830
MAX	malware (ai score=87)
Ikarus	Trojan.MSIL.Injector
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Injector.KFO!tr
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove IL:Trojan.MSILZilla.12830?

IL:Trojan.MSILZilla.12830 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X