About “IL:Trojan.MSILZilla.40526” infection

IL:Trojan.MSILZilla.40526 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.40526 virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • CAPE detected the MetaStealer malware family
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify IL:Trojan.MSILZilla.40526?


File Info:

type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2063-07-20 11:13:52

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: Banging.exe
LegalCopyright:
OriginalFilename: Banging.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

IL:Trojan.MSILZilla.40526 also known as:

Bkav: W32.AIDetectMalware.CS
Elastic: Windows.Trojan.Generic
MicroWorld-eScan: IL:Trojan.MSILZilla.40526
CAT-QuickHeal: Backdoor.MsilFC.S24736701
Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXQA-ND!C64CE48381BE
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanPSW:MSIL/RedLine.8400b846
K7GW: Spyware ( 005995c91 )
K7AntiVirus: Spyware ( 005995c91 )
Arcabit: IL:Trojan.MSILZilla.D9E4E
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.RedLine.A
ClamAV: Win.Packed.Generickdz-9885340-0
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: IL:Trojan.MSILZilla.40526
NANO-Antivirus: Trojan.Win32.Stealer.jyeyig
Avast: Win32:MalwareX-gen [Trj]
Rising: Backdoor.SectopRAT!1.DA27 (CLASSIC)
Emsisoft: IL:Trojan.MSILZilla.40526 (B)
F-Secure: Heuristic.HEUR/AGEN.1305493
DrWeb: Trojan.PWS.Stealer.31114
Zillya: Trojan.RedLine.Win32.7572
FireEye: Generic.mg.c64ce48381bee82e
Sophos: Mal/Reline-B
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=87)
Google: Detected
Avira: HEUR/AGEN.1305493
Varist: W32/MSIL_Agent.CIU.gen!Eldorado
Antiy-AVL: Trojan[Spy]/MSIL.RedLine
Microsoft: PWS:MSIL/RedLine!atmn
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
GData: MSIL.Trojan-Stealer.Redline.B
AhnLab-V3: Infostealer/Win.RedLine.R448818
ALYac: IL:Trojan.MSILZilla.40526
TACHYON: Trojan-Spy/W32.DN-InfoStealer.113664.B
VBA32: Trojan.MSIL.RedLine.Heur
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/GdSda.A
Tencent: Malware.Win32.Gencirc.13ebb888
Ikarus: Trojan-Spy.RedLineStealer
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Agent.DFY!tr.spy
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS
alibabacloud: SpyWare:MSIL/Redline.GG!MTB

How to remove IL:Trojan.MSILZilla.40526?

IL:Trojan.MSILZilla.40526 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.