IL:Trojan.MSILZilla.18064 information

IL:Trojan.MSILZilla.18064 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.18064 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify IL:Trojan.MSILZilla.18064?


File Info:

name: 98838AF9D40F1DA3A531.mlw
path: /opt/CAPEv2/storage/binaries/04080573e133a48c10b8f676ee17c4147033c1b937ae3937e60202c7734ad18f
crc32: CED780AF
md5: 98838af9d40f1da3a5319bdb12e0bce8
sha1: d52f1f2be7375eb56b3020f8794a20128f736a15
sha256: 04080573e133a48c10b8f676ee17c4147033c1b937ae3937e60202c7734ad18f
sha512: 28c2f11ba6628942bd305b7d4aac2e4a6c9c8018bfdb5297a265b348ef70007054dd215fd71ccb318800b932948846b21e821406000aa638bec917cb1b4c10ea
ssdeep: 12288:aFKWoccpVnCXcxwkMdOWQtXs4xRw5FxzPebtFmcxDr:aYFVzCXcxVFW+RwX92btF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12AB46C0CBAE6F625DA68433685E2D5184173BD11BA07FB6BBDD137EE0E30798C086917
sha3_384: f62a1e5b39ba824c6bbee5ef5c04c7d1003977b7203a95f32e287bfa65143ad4fe65908478c2eebf3898eb077b6fa62d
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-03-06 22:43:06

Version Info:

Translation: 0x0409 0x04e4
FileDescription: Resource viewer, decompiler & recompiler
FileVersion: 4.5.30.180
InternalName: ResHack
LegalCopyright: (c) Angus Johnson 1999-2016
OriginalFilename: ResHack
ProductVersion: 4.5.0.0
Assembly Version: 0.0.0.0
CompanyName: Angus Johnson

IL:Trojan.MSILZilla.18064 also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: IL:Trojan.MSILZilla.18064
ALYac: IL:Trojan.MSILZilla.18064
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
Cybereason: malicious.be7375
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Packed.MultiPacked.Z
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: IL:Trojan.MSILZilla.18064
Avast: MSIL:GenMalicious-AZQ [Trj]
Ad-Aware: IL:Trojan.MSILZilla.18064
Emsisoft: IL:Trojan.MSILZilla.18064 (B)
F-Secure: Heuristic.HEUR/AGEN.1235976
McAfee-GW-Edition: RDN/Generic.rp
FireEye: Generic.mg.98838af9d40f1da3
Sophos: ML/PE-A
SentinelOne: Static AI – Malicious PE
GData: IL:Trojan.MSILZilla.18064
Avira: HEUR/AGEN.1235976
MAX: malware (ai score=87)
Arcabit: IL:Trojan.MSILZilla.D4690
ZoneAlarm: HEUR:Trojan.MSIL.Crypt.gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Disfa.C4983858
McAfee: RDN/Generic.rp
Ikarus: Trojan.MSIL.MultiPacked
BitDefenderTheta: Gen:NN.ZemsilF.34606.Gm0@ayFuCogi
AVG: MSIL:GenMalicious-AZQ [Trj]
CrowdStrike: win/malicious_confidence_90% (D)

How to remove IL:Trojan.MSILZilla.18064?

IL:Trojan.MSILZilla.18064 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
