About “IL:Trojan.MSILZilla.13011” infection

IL:Trojan.MSILZilla.13011 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.13011 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify IL:Trojan.MSILZilla.13011?


File Info:

name: C67AD184E1F9D64FFBD9.mlw
path: /opt/CAPEv2/storage/binaries/648878af1fb82c31a87b8ef45b8ba55f9a6ff6ae256cee4ee2777845d3ff99f9
crc32: 8A27C26E
md5: c67ad184e1f9d64ffbd960129ad26471
sha1: 077c50dcd5d413b8ddac4b0f9ae011baab32c41d
sha256: 648878af1fb82c31a87b8ef45b8ba55f9a6ff6ae256cee4ee2777845d3ff99f9
sha512: 79380fee611b4753eecb0f6b64c8cc0ce2f15f08e3a6d7ad660a0cbf97440713afe535f4d3cedbfeab3a086c368ffd1bb7769cf45c1f676fb9c7d9ff95e8db11
ssdeep: 6144:GC28SK0skd8ZRXu/7+QxDiM5snMvB0EmKLZPDvOBpqgOMqwnk:d7iskd8Zq7hf3bvOBpXqwk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19AB47C2077F88722E1BE2737D0B9551543F1E862A1FBEB1E686468FA1D437417E203A7
sha3_384: 3ce7f9dbd9037e3e1221a4780546629bd83ade1c59b7cb3855299356c52802df088f17317060518e4dcce3c38d1059f4
ep_bytes: ff250020400000000000000000000000
timestamp: 2080-12-27 03:52:24

Version Info:

Translation: 0x0000 0x04b0
Comments: off_y752kCNqX7mUXREB
CompanyName: off_y752kCNqX7mUXREB
FileDescription: off_y752kCNqX7mUXREB
FileVersion: 0.2.1.0
InternalName: poweroff.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: poweroff.exe
ProductName: off_y752kCNqX7mUXREB
ProductVersion: 0.2.1.0
Assembly Version: 0.1.5.3

IL:Trojan.MSILZilla.13011 also known as:

Lionic: Adware.MSIL.Csdi.2!c
Elastic: malicious (high confidence)
DrWeb: Adware.WizzMonetize.1
MicroWorld-eScan: IL:Trojan.MSILZilla.13011
FireEye: Generic.mg.c67ad184e1f9d64f
CAT-QuickHeal: Trojan.Csdimonetize
McAfee: RDN/Generic PUP.x
Cylance: Unsafe
Sangfor: Adware.Win32.Csdi.gen
K7AntiVirus: Adware ( 005684bb1 )
Alibaba: AdWare:MSIL/CsdiMonetize.f92dfacb
K7GW: Adware ( 005684bb1 )
BitDefenderTheta: Gen:NN.ZemsilF.34232.Gq0@aact8Vf
Cyren: W32/Trojan.HULZ-0517
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Adware.CsdiMonetize.BC
TrendMicro-HouseCall: TROJ_GEN.R002C0PB622
Paloalto: generic.ml
Kaspersky: not-a-virus:HEUR:AdWare.MSIL.Csdi.gen
BitDefender: IL:Trojan.MSILZilla.13011
Avast: Win32:AdwareX-gen [Adw]
Tencent: Msil.Adware.Csdi.Syhu
Ad-Aware: IL:Trojan.MSILZilla.13011
Sophos: Generic PUA AH (PUA)
Zillya: Adware.Csdi.Win32.536
TrendMicro: TROJ_GEN.R002C0PB622
McAfee-GW-Edition: RDN/Generic PUP.x
Emsisoft: IL:Trojan.MSILZilla.13011 (B)
Ikarus: AdWare.MSIL.Csdimonetize
GData: IL:Trojan.MSILZilla.13011
Avira: HEUR/AGEN.1203820
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Generic.ASMalwS.3521463
Gridinsoft: Ransom.Win32.Sabsik.sa
ViRobot: Adware.Csdimonetize.537600.A
Microsoft: Backdoor:Win32/Bladabindi!ml
Cynet: Malicious (score: 99)
ALYac: IL:Trojan.MSILZilla.13011
VBA32: TScope.Trojan.MSIL
Malwarebytes: Adware.Csdimonetize
APEX: Malicious
Rising: Trojan.Generic/MSIL@AI.92 (RDM.MSIL:E7rxzpgNb2ZpMeUAn7HYFQ)
Yandex: PUA.Csdi!Jgvbl/fnnwA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.74215634.susgen
Fortinet: Adware/CsdiMonetize
Webroot: W32.Adware.Gen
AVG: Win32:AdwareX-gen [Adw]
Panda: Trj/GdSda.A

How to remove IL:Trojan.MSILZilla.13011?

IL:Trojan.MSILZilla.13011 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
