About “IL:Trojan.MSILZilla.18303” infection

The IL:Trojan.MSILZilla.18303 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.18303 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.18303?


File Info:
name: 9EE9327B26E1E381164F.mlw
path: /opt/CAPEv2/storage/binaries/163fe151cf48d27a6f15d43958b5fd8ea8ce9f443fee0939479d8a2d282ef6e9
crc32: CEEA312B
md5: 9ee9327b26e1e381164f168eb5f2b41a
sha1: afad49961ce4f7b6daf7f80e6f3e240f790526be
sha256: 163fe151cf48d27a6f15d43958b5fd8ea8ce9f443fee0939479d8a2d282ef6e9
sha512: 2211d5317bd5a47ea84ce13c37d975a70ebf52bac94e8e808528b3ba86bf2d4659bac0b78918c8d3aeca3b5f670c1b5196d83be1f9225e4ed47d6090519dc59a
ssdeep: 384:ppH3kp8HHePpEdchiT+AcXcYYYcEcYYYYvWcYYYYBRYYYr0+YYYkVVVIVVVuIYYz:ppXkMIiTET0kBDtvIcLiniCcEYZBS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11754D8CDCC61A113CBD645F16AEA9C85AB3DBE4C0C157C922A0A96C35553B88B037DFB
sha3_384: 08c0b42a1345e24f57d743319557dc684692a3a46aeb7be23c8d46d4263695c4c6b2214344720aec9f057e955e2f2ccd
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-06-13 17:21:21

Version Info:
Translation: 0x0000 0x04b0
Comments: iSCSI Discovery tool
CompanyName: Microsoft Corporation
FileDescription: iSCSI Discovery tool
FileVersion: 10.0.19041.1645
InternalName: finalmi.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks: 
OriginalFilename: finalmi.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1645
Assembly Version: 10.0.19041.1645

IL:Trojan.MSILZilla.18303 also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
MicroWorld-eScan	IL:Trojan.MSILZilla.18303
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (D)
Cyren	W32/MSIL_Agent.CQX.gen!Eldorado
ESET-NOD32	a variant of MSIL/TrojanDownloader.Tiny.BSA
APEX	Malicious
BitDefender	IL:Trojan.MSILZilla.18303
Ad-Aware	IL:Trojan.MSILZilla.18303
FireEye	Generic.mg.9ee9327b26e1e381
Emsisoft	IL:Trojan.MSILZilla.18303 (B)
SentinelOne	Static AI – Malicious PE
GData	IL:Trojan.MSILZilla.18303
Avira	HEUR/AGEN.1235267
Arcabit	IL:Trojan.MSILZilla.D477F
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
ALYac	IL:Trojan.MSILZilla.18303
MAX	malware (ai score=87)
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.34712.rm0@aWgRkkd
Cybereason	malicious.61ce4f

How to remove IL:Trojan.MSILZilla.18303?

IL:Trojan.MSILZilla.18303 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X