IL:Trojan.MSILZilla.19511 removal guide

The IL:Trojan.MSILZilla.19511 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.19511 virus can do?

Authenticode signature is invalid
Anomalous .NET characteristics
CAPE detected the Chaos malware family

How to determine IL:Trojan.MSILZilla.19511?


File Info:
name: 803BEE1C5A0061E7BB52.mlw
path: /opt/CAPEv2/storage/binaries/8ed93259854cc13ca9b22b55d82c264a73d8fd573a0d19144155e042926bb8bc
crc32: 4F2D5EBA
md5: 803bee1c5a0061e7bb5283bd128b5cb2
sha1: 955644e61dbad202fd90dbbcfc0ee802badb06a0
sha256: 8ed93259854cc13ca9b22b55d82c264a73d8fd573a0d19144155e042926bb8bc
sha512: 3d4a554ba10039a417f59e20c993fbff81e5e173b30919cd52e737924dc722a022f4aedb923778cb6df26b1cf5f7e5627f8e85cedb4e00ed05229a6a1e73a985
ssdeep: 1536:INooOe64q90BPmIkrJ/zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzL:o64q90BPW9QDEO7H
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17B63B81216F6405DF1E3EA7707FD949BD5B9F67D2AAA71AA3281030B0222D464843FB7
sha3_384: 54bdeddc84d0bf297b5481436b95bb057a9fc6e71b3fb9a1eceb0afc00b4e425b065c6e236bf08f5428cb8668fe1a6b4
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-09-05 06:41:47

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: ras.exe
LegalCopyright:  
OriginalFilename: ras.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

IL:Trojan.MSILZilla.19511 also known as:

Bkav	W32.AIDetectNet.01
Cynet	Malicious (score: 100)
FireEye	Generic.mg.803bee1c5a0061e7
McAfee	GenericRXTC-EM!803BEE1C5A00
Malwarebytes	Malware.AI.3944804856
Sangfor	Virus.Win32.Save.a
Cybereason	malicious.c5a006
Cyren	W32/Azorult.D.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Filecoder.APU
APEX	Malicious
ClamAV	Win.Ransomware.Hydracrypt-9878672-0
Kaspersky	HEUR:Trojan-Ransom.Win32.Generic
BitDefender	IL:Trojan.MSILZilla.19511
MicroWorld-eScan	IL:Trojan.MSILZilla.19511
Avast	Win32:RansomX-gen [Ransom]
Ad-Aware	IL:Trojan.MSILZilla.19511
Emsisoft	IL:Trojan.MSILZilla.19511 (B)
DrWeb	Trojan.ClipBankerNET.7
VIPRE	IL:Trojan.MSILZilla.19511
McAfee-GW-Edition	GenericRXTC-EM!803BEE1C5A00
Trapmine	malicious.high.ml.score
Sophos	ML/PE-A
Ikarus	Trojan-Ransom.FileCrypter
GData	IL:Trojan.MSILZilla.19511
Avira	HEUR/AGEN.1250041
Arcabit	IL:Trojan.MSILZilla.D4C37
Microsoft	Ransom:MSIL/Filecoder.PK!MSR
Google	Detected
AhnLab-V3	Ransomware/Win.FTD.C4597900
Acronis	suspicious
ALYac	IL:Trojan.MSILZilla.19511
MAX	malware (ai score=85)
VBA32	Ransom.MSIL.Chaos.Heur
Cylance	Unsafe
Rising	Ransom.Destructor!1.B060 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/ClipBanker.SX!tr
BitDefenderTheta	AI:Packer.816CD1EE1F
AVG	Win32:RansomX-gen [Ransom]
CrowdStrike	win/malicious_confidence_70% (D)

How to remove IL:Trojan.MSILZilla.19511?

IL:Trojan.MSILZilla.19511 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X