IL:Trojan.MSILZilla.2625 (file analysis)

IL:Trojan.MSILZilla.2625 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.2625 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify IL:Trojan.MSILZilla.2625?

File Info:

name: 97055449884A4F7C8C56.mlw
path: /opt/CAPEv2/storage/binaries/2ba4b1f51ed7de66d3223efdde9bd065e7f8f2fb70e3ca2a54aeb45e169972df
crc32: 2B0511D5
md5: 97055449884a4f7c8c56a401c8c7833e
sha1: a31744013074dd5754e5388d0f538ddb71719293
sha256: 2ba4b1f51ed7de66d3223efdde9bd065e7f8f2fb70e3ca2a54aeb45e169972df
sha512: 44baade87a7a4d56867f1ae99fe8b980e1cbec0673a1afbcf0d653f3dea291d8c6185c08fa85b9ef6c9a8dcfcf414f734bf9a50bb6917d558555eb2cc9990a32
ssdeep: 384:YLS4mjLoNC81g0MY0000uLcUN4ntLTZCpe/666omvMIRyg9bU:mbmjL+C1LcUxpe/666om0I99bU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16EB2D91137E9A244F77F2FB60BB2F1618B7BF76719169E2D2444811B4A16B40CF92B32
sha3_384: 8b87a5fa30eac13778dbb07b3bd07653a43e44f411c683e1a27f2566ef63226342da336896c659bd32df91562eca5d43
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-02 10:33:29

Version Info:

Translation: 0x0000 0x04b0
Comments: HdpElDosTHFyROkGfkgs
CompanyName: axfJYFLemcIDDCHrkrWw
FileDescription: VBYqDqnhzxUEOUQcstPR
FileVersion: 1.0.0.0
InternalName: TEST.exe
LegalCopyright: vLghqBvZoIbupeKTUSXI
LegalTrademarks: BImzyPTVNmCteMOiLQdo
OriginalFilename: TEST.exe
ProductName: iyCFwVydOJxSJzNXHGtf
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.2625 also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
CAT-QuickHeal: Trojan.MsilFC.S18886598
ALYac: IL:Trojan.MSILZilla.2625
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
Cybereason: malicious.9884a4
Arcabit: IL:Trojan.MSILZilla.DA41
ESET-NOD32: a variant of MSIL/Agent.OGT
APEX: Malicious
ClamAV: Win.Packed.Tpyn-7114692-0
Kaspersky: HEUR:Trojan.MSIL.Tpyn.chu
BitDefender: IL:Trojan.MSILZilla.2625
MicroWorld-eScan: IL:Trojan.MSILZilla.2625
Ad-Aware: IL:Trojan.MSILZilla.2625
Emsisoft: IL:Trojan.MSILZilla.2625 (B)
Comodo: TrojWare.MSIL.Tiggre.OGT@7gybp1
F-Secure: Trojan.TR/ATRAPS.Gen
McAfee-GW-Edition: Trojan-FSGX!97055449884A
FireEye: Generic.mg.97055449884a4f7c
Sophos: ML/PE-A + Mal/Agent-ASW
SentinelOne: Static AI – Malicious PE
Avira: TR/ATRAPS.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: HEUR:Trojan.MSIL.Tpyn.chu
GData: IL:Trojan.MSILZilla.2625
McAfee: Trojan-FSGX!97055449884A
MAX: malware (ai score=89)
Cylance: Unsafe
Rising: Backdoor.GhostEye!1.CA24 (CLASSIC)
Ikarus: Trojan.SuspectCRC
Fortinet: MSIL/Generic.AP.135B46!tr
BitDefenderTheta: AI:Packer.D52332BD1F
AVG: Win32:TrojanX-gen [Trj]
Avast: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_60% (D)

How to remove IL:Trojan.MSILZilla.2625?

IL:Trojan.MSILZilla.2625 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
