IL:Trojan.MSILZilla.22492 malicious file

The IL:Trojan.MSILZilla.22492 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.22492 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics
CAPE detected the RedLine malware family
Binary compilation timestomping detected

How to determine IL:Trojan.MSILZilla.22492?


File Info:
name: E3186274E22D9F65D19A.mlw
path: /opt/CAPEv2/storage/binaries/bc1ab07deb57d6fc4081cab42b37a7466461d3fc19126136b677e851be25b811
crc32: 7B44E445
md5: e3186274e22d9f65d19a7e268f3eabab
sha1: 31ba686a796b37b64b955936950dced8a2b21f74
sha256: bc1ab07deb57d6fc4081cab42b37a7466461d3fc19126136b677e851be25b811
sha512: 20df24813f487d6fe3320c02a9849345c299026f2519f9fcb6c767b159f04cd736d24f2dbe6b582f0a2ae90b2ac39824643cd2b86afde9fa3b4258ff9e1a6d3b
ssdeep: 1536:qPqUPY5DyWjddJg31A4bDeRAiJDNrDNrNDbDNniuujyC+DN1xvtDNP1rJ7KW9q74:t78FiQUFvmOqP3+LJoESRI5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T121933AD4A3CC8A1AE7FD4A3494B5515C83F4F643B912E78F0EC5A0DA2E76B841611BF2
sha3_384: 619bd9bf60039b0f895052f3bc0bd7df1d1909660660e9f4edeb463cb32f75f43dd9dc9d6afbd2dddec518a375b70218
ep_bytes: ff25002040006100750074006f006600
timestamp: 2105-03-16 18:01:00

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: Tuneless.exe
LegalCopyright:  
OriginalFilename: Tuneless.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

IL:Trojan.MSILZilla.22492 also known as:

Bkav	W32.AIDetectNet.01
tehtris	Generic.Malware
Cynet	Malicious (score: 100)
FireEye	Generic.mg.e3186274e22d9f65
McAfee	GenericRXQA-AF!E3186274E22D
Malwarebytes	Spyware.PasswordStealer.MSIL
VIPRE	IL:Trojan.MSILZilla.22492
Sangfor	Suspicious.Win32.Save.a
Cyren	W32/MSIL_Agent.BJO.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Spy.Agent.DFY
APEX	Malicious
ClamAV	Win.Trojan.Redline-9938775-1
Kaspersky	HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender	IL:Trojan.MSILZilla.22492
MicroWorld-eScan	IL:Trojan.MSILZilla.22492
Avast	Win32:PWSX-gen [Trj]
Tencent	Msil.Trojan-spy.Stealer.Agui
Ad-Aware	IL:Trojan.MSILZilla.22492
Emsisoft	IL:Trojan.MSILZilla.22492 (B)
DrWeb	Trojan.PWS.StealerNET.125
McAfee-GW-Edition	GenericRXQA-AF!E3186274E22D
Trapmine	suspicious.low.ml.score
Sophos	ML/PE-A
Ikarus	Trojan.MSIL.Spy
GData	MSIL.Trojan-Stealer.Redline.G
Avira	HEUR/AGEN.1234971
Arcabit	IL:Trojan.MSILZilla.D57DC
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.AF.C5226473
Acronis	suspicious
ALYac	IL:Trojan.MSILZilla.22492
MAX	malware (ai score=82)
VBA32	suspected of Trojan.MSIL.InfoStealer.gen.U
Cylance	Unsafe
Rising	Stealer.Agent!1.DC63 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.DFY!tr
BitDefenderTheta	Gen:NN.ZemsilF.34606.fm0@a8pCP@h
AVG	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove IL:Trojan.MSILZilla.22492?

IL:Trojan.MSILZilla.22492 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X