About “IL:Trojan.MSILZilla.22565” infection

The IL:Trojan.MSILZilla.22565 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.22565 virus can do?

Sample contains Overlay data
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine IL:Trojan.MSILZilla.22565?


File Info:
name: A3509E3F0A45B66CB915.mlw
path: /opt/CAPEv2/storage/binaries/202eb4344267c9a1e8e7fd6ea42c35b29a7b1ccf09da7889394bde446e2b534a
crc32: 11DDB621
md5: a3509e3f0a45b66cb91587297585c177
sha1: e5708410c09838022d18ef719ea75e7b33d7aa9b
sha256: 202eb4344267c9a1e8e7fd6ea42c35b29a7b1ccf09da7889394bde446e2b534a
sha512: 1112c5ca5832fe5fd55327dd4fe677fe90f813585785c3001b2175f013630d04c70844f828ccb2ce82c36d56ea0288a52035be5fa4e7717f6ea91737ae8d2453
ssdeep: 384:C6GlPxvF1798D99veu0uNHdL8W3ycC09hfsttmk:lGb9y992u04j3RE/mk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A852E841E3EC8775F7BF4B76ADB7922106B2FA6A4902D75E1588504E2C327048E72F72
sha3_384: b14fb39f335606eea74860326907da80c8300e573aea8b2cddda0177511a1ea5bfaf96c6dd229c20c7337a4a0c66629f
ep_bytes: ff250020400000000000000000000000
timestamp: 2088-09-10 14:02:32

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: AbaddonStub
FileVersion: 1.0.0.0
InternalName: AbaddonStub.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: 
OriginalFilename: AbaddonStub.exe
ProductName: AbaddonStub
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.22565 also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
MicroWorld-eScan	IL:Trojan.MSILZilla.22565
FireEye	Generic.mg.a3509e3f0a45b66c
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
McAfee	GenericRXTR-BU!A3509E3F0A45
K7AntiVirus	Password-Stealer ( 00594cda1 )
K7GW	Password-Stealer ( 00594cda1 )
Cybereason	malicious.0c0983
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/PSW.Agent_AGen.H
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Exploit.MSIL.BypassUAC.gen
BitDefender	IL:Trojan.MSILZilla.22565
Avast	Win32:ExploitX-gen [Expl]
Ad-Aware	IL:Trojan.MSILZilla.22565
Emsisoft	IL:Trojan.MSILZilla.22565 (B)
VIPRE	IL:Trojan.MSILZilla.22565
McAfee-GW-Edition	GenericRXTR-BU!A3509E3F0A45
Sophos	Mal/Mdrop-MB
SentinelOne	Static AI – Malicious PE
GData	IL:Trojan.MSILZilla.22565
Jiangmin	Exploit.MSIL.ajx
Avira	TR/Dropper.Gen
MAX	malware (ai score=80)
Arcabit	IL:Trojan.MSILZilla.D5825
ZoneAlarm	HEUR:Exploit.MSIL.BypassUAC.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5184456
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZemsilF.34646.am1@aS0@CXc
ALYac	IL:Trojan.MSILZilla.22565
Malwarebytes	Spyware.PasswordStealer
Rising	Exploit.BypassUAC!8.87F5 (TFE:dGZlOgxeL0VtnXBFAA)
Ikarus	Trojan.MSIL.PSW
Fortinet	MSIL/Agent.H!tr
AVG	Win32:ExploitX-gen [Expl]
CrowdStrike	win/malicious_confidence_90% (D)

How to remove IL:Trojan.MSILZilla.22565?

IL:Trojan.MSILZilla.22565 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X