Should I remove “IL:Trojan.MSILZilla.18930”?

The IL:Trojan.MSILZilla.18930 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.18930 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.18930?


File Info:
name: 77773F29F93B9664A2C5.mlw
path: /opt/CAPEv2/storage/binaries/af2c8548902c1b2a823a1c8b7300b7c80165eeb01e8e65581ad87cc6d53fd628
crc32: 89AA5A93
md5: 77773f29f93b9664a2c56597e959bfc5
sha1: bee752bf88186b209f92230a014ed1d00109d330
sha256: af2c8548902c1b2a823a1c8b7300b7c80165eeb01e8e65581ad87cc6d53fd628
sha512: 3e45bb9b6ec018ad8876b8ef83e35f5141afbf49b2565a38e4d4ecb1b98479b3faa05f912fcda6eac02c349d348c511aa6512d5e84efeb9d3edf1b0b6bffd16c
ssdeep: 24576:0oln7qvOTDRm6aZsI31njajryYBKlRcK:0ebs6NI31njwGt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17D15F18F9A2AD4A3CFF951BF6F68D1D629D482424DE0A5BC64584DD340A0D38EF8C2D7
sha3_384: 367028067ceda513f17fd3524cf273d7d85843d2b0e0a77e8012796558921c7c26a0020648005f6c8b2386479d85db36
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-05-23 15:20:45

Version Info:
Translation: 0x0000 0x04b0
Comments: FECHAS Y PERIODOS DE INFORME.xlsx
FileDescription: FECHAS Y PERIODOS DE INFORME.xlsx
FileVersion: 8.1.4.3
InternalName: W5NHRiP54n.exe
LegalCopyright:  
OriginalFilename: W5NHRiP54n.exe
ProductName: FECHAS Y PERIODOS DE INFORME.xlsx
ProductVersion: 8.1.4.3
Assembly Version: 8.1.4.3

IL:Trojan.MSILZilla.18930 also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	IL:Trojan.MSILZilla.18930
ALYac	IL:Trojan.MSILZilla.18930
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 005932a61 )
Alibaba	Trojan:MSIL/Witch.49e2ac7e
K7GW	Trojan ( 005932a61 )
Cybereason	malicious.f88186
Cyren	W32/MSIL_Kryptik.HLO.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Kryptik.AFAM
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Witch.gen
BitDefender	IL:Trojan.MSILZilla.18930
Avast	Win32:TrojanX-gen [Trj]
Tencent	Msil.Trojan.Witch.Ahyl
Ad-Aware	IL:Trojan.MSILZilla.18930
Emsisoft	IL:Trojan.MSILZilla.18930 (B)
TrendMicro	TROJ_GEN.R002C0PFG22
McAfee-GW-Edition	GenericRXTF-KA!77773F29F93B
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.77773f29f93b9664
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	IL:Trojan.MSILZilla.18930
Avira	TR/Crypt.XDR.Gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	GenericRXTF-KA!77773F29F93B
MAX	malware (ai score=82)
Malwarebytes	Trojan.Crypt.MSIL.Generic
TrendMicro-HouseCall	TROJ_GEN.R002C0PFG22
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Kryptik.AFAM!tr
BitDefenderTheta	Gen:NN.ZemsilF.34742.6m0@a0WYaYm
AVG	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove IL:Trojan.MSILZilla.18930?

IL:Trojan.MSILZilla.18930 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X