How to remove “IL:Trojan.MSILZilla.5022”?

IL:Trojan.MSILZilla.5022 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.5022 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Performs HTTP requests potentially not found in PCAP.
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

Related domains:

wpad.local-net

How to identify IL:Trojan.MSILZilla.5022?


File Info:

name: 0C1A20304392D2F246D3.mlw
path: /opt/CAPEv2/storage/binaries/270850905c84efd1acec27a4dd0a778457b9e69a6221f67133ef7aa405d7e309
crc32: 5C4CAF14
md5: 0c1a20304392d2f246d3e9f94d8c91cf
sha1: fe6c15e5879ea6ba5a13ed2cc779c876e9a2d8fa
sha256: 270850905c84efd1acec27a4dd0a778457b9e69a6221f67133ef7aa405d7e309
sha512: b86b66570e0b919757a24ad13f37ddcd39a99d322c6d2f0eb5e5e99ffd90fc2592b4eec833ec652c0eabde528fbec3006003af04f713befa11c81d650088676c
ssdeep: 768:azQdHmhFg+tnTtHJ90MmdNf9iZLK1YcV63izhGppHhSp3hh1:HGhi+HrkgZLKv63izYXsf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16FD3E10C6290D801DC29DD71B844C6F16A2D6C0E2E9186BE2B7BBE3D3A63713676D177
sha3_384: 0de59c90c8f9aa812aee30bce6821b5bd7922fbf80a14e1ebf20ec210a09be2fd86b653faee1a7e364d771c752d4022d
ep_bytes: ff250020400000000000000000000000
timestamp: 2084-09-14 18:44:45

Version Info:

Translation: 0x0000 0x04b0
Comments: Lula Oakes
CompanyName: Lula Oakes
FileDescription: loader
FileVersion: 1.8.8.10
InternalName: loader.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: loader.exe
ProductName: loader
ProductVersion: 1.8.8.10
Assembly Version: 1.8.8.10

IL:Trojan.MSILZilla.5022 also known as:

Lionic: Trojan.MSIL.Injuke.4!c
CAT-QuickHeal: Trojan.MSIL
McAfee: RDN/Generic Downloader.x
Malwarebytes: Trojan.Downloader.MSIL
K7AntiVirus: Trojan-Downloader ( 005896ef1 )
BitDefender: IL:Trojan.MSILZilla.5022
K7GW: Trojan-Downloader ( 005896ef1 )
Cybereason: malicious.04392d
Symantec: MSIL.Downloader!gen7
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.JFP
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.MSIL.Injuke.gen
Alibaba: Trojan:MSIL/Injuke.075e1f40
MicroWorld-eScan: IL:Trojan.MSILZilla.5022
Avast: Win32:TrojanX-gen [Trj]
Tencent: Msil.Trojan.Injuke.Eyk
Ad-Aware: IL:Trojan.MSILZilla.5022
TrendMicro: TROJ_GEN.R002C0WKM21
McAfee-GW-Edition: RDN/Generic Downloader.x
FireEye: Generic.mg.0c1a20304392d2f2
Emsisoft: IL:Trojan.MSILZilla.5022 (B)
Ikarus: Trojan-Downloader.MSIL.Agent
GData: IL:Trojan.MSILZilla.5022
Avira: HEUR/AGEN.1145214
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASMalwS.34D65BA
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: IL:Trojan.MSILZilla.D139E
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win.MSILZilla.C4756641
VBA32: TScope.Trojan.MSIL
ALYac: IL:Trojan.MSILZilla.5022
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0WKM21
Yandex: Trojan.Injuke!7onstvJRUDI
SentinelOne: Static AI – Malicious PE
eGambit: PE.Heur.InvalidSig
Fortinet: MSIL/Agent.JFP!tr.dldr
BitDefenderTheta: Gen:NN.ZemsilF.34062.im2@aSBkYdm
AVG: Win32:TrojanX-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove IL:Trojan.MSILZilla.5022?

IL:Trojan.MSILZilla.5022 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
