IL:Trojan.MSILZilla.14706 malicious file

IL:Trojan.MSILZilla.14706 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.14706 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to remove evidence of file being downloaded from the Internet

How to identify IL:Trojan.MSILZilla.14706?


File Info:

name: DCCF1224A18682AFA4F2.mlw
path: /opt/CAPEv2/storage/binaries/ef0fb9d17169e2a7db33a8adaf9833a3048c24daa840dfba375f3aa7e599839a
crc32: C03ADC66
md5: dccf1224a18682afa4f2c2e96d501de5
sha1: 88a0670bfdd203622bf39df48354447d78070fc3
sha256: ef0fb9d17169e2a7db33a8adaf9833a3048c24daa840dfba375f3aa7e599839a
sha512: fd24ff43bdc4fd52df84493b92fccadac7a75143ed1c4fea0453beb8b8c20ef4709f1994057d7f028186c68c2033c0b5fde161dd1bfcd054e39824774af583b7
ssdeep: 12288:fJpFN77K2FIMnm47FfN2kQmW+Ak1LJ7pSZaHQQh:BLk2/lW+P1US
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T186D4AF8178ACEAC7D63705B2BC3A77F4209CFDCD6215C65F3587B7A9062B3412419A2E
sha3_384: e1f7fc9a1fa66c070abdd6ccf28f30c629036559315c5262955bff1cc2143e3d361d1754d0fafb18c1d17976752fbc37
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-09-18 22:00:14

Version Info:

Comments: Video card Information Utility
CompanyName: techPowerUp (www.techpowerup.com)
FileDescription: Video card Information Utility
FileVersion: 1.0.0.0
InternalName: Wps_Office_Cloud.exe
LegalCopyright: Copyright © 2017
LegalTrademarks:
OriginalFilename: Wps_Office_Cloud.exe
ProductName: Wps_Office_Cloud
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0
Translation: 0x0000 0x04b0

IL:Trojan.MSILZilla.14706 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILZilla.14706
FireEye: Generic.mg.dccf1224a18682af
McAfee: GenericRXCW-AB!DCCF1224A186
Cylance: Unsafe
Zillya: Trojan.Crypt.Win32.37208
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005173bc1 )
Alibaba: Trojan:MSIL/Kryptik.7a159b3c
K7GW: Trojan ( 005173bc1 )
Cybereason: malicious.4a1868
Symantec: Trojan.Gen
ESET-NOD32: a variant of MSIL/Kryptik.KXG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.14706
NANO-Antivirus: Trojan.Win32.Kryptik.etaugp
Tencent: Win32.Trojan.Inject.Auto
Ad-Aware: IL:Trojan.MSILZilla.14706
Sophos: Mal/Generic-S
DrWeb: Trojan.DownLoader22.55152
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: BKDR_HPBLADABINDI.SMZ
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Emsisoft: IL:Trojan.MSILZilla.14706 (B)
Ikarus: Trojan.MSIL.Inject
GData: IL:Trojan.MSILZilla.14706
Avira: HEUR/AGEN.1222208
Antiy-AVL: Trojan/Generic.ASMalwS.21CBB54
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Crypt.C2153072
BitDefenderTheta: Gen:NN.ZemsilF.34212.Lm0@aSyC6ac
ALYac: IL:Trojan.MSILZilla.14706
MAX: malware (ai score=99)
VBA32: Trojan.MSIL.Crypt
Panda: Trj/GdSda.A
TrendMicro-HouseCall: BKDR_HPBLADABINDI.SMZ
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:/cM2uZEwu4m/O89Osh7jWg)
Yandex: Trojan.Kryptik!xXIPRk8HU3M
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Injector.SXY!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove IL:Trojan.MSILZilla.14706?

IL:Trojan.MSILZilla.14706 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
