IL:Trojan.MSILZilla.6607 (file analysis)

The IL:Trojan.MSILZilla.6607 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.6607 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine IL:Trojan.MSILZilla.6607?


File Info:
name: 0CD9AF8460610303E1A7.mlw
path: /opt/CAPEv2/storage/binaries/ac05b9158539f0f9f8bb193432adf95831301e1c37ef34673715e53ebb691bd7
crc32: CC0FD2E5
md5: 0cd9af8460610303e1a7edbeca8e8c97
sha1: c001ee930e3ad114224ca3b2c03e8ad734b78dd8
sha256: ac05b9158539f0f9f8bb193432adf95831301e1c37ef34673715e53ebb691bd7
sha512: fdae71c12b6ae689f94b3f3eb8ea78d118b7e475e56b155d9eea278ff883899c00dd863508044619aa208ac95ddd394e2be562dd9e98f7b25ae5cf325b2ffb76
ssdeep: 1536:InI9aWCAIqTL57u5cbjT3T726wSjMNSM89OM9tjhgZE:mI9aWCAlTN7u5cbjTj7zYNSM89OM9tj/
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T11D835B41ABD45CD2F6AE53797CF2100406B0F4C6A97BC71FBC8980E85F927961A763A3
sha3_384: ac8d15c24dc4508843947b6bfda456f3264ca32041e55064c19169109603f0d75a49838172f0aff1d38077c354ef185e
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2102-11-09 08:26:40

Version Info:
Translation: 0x0000 0x04b0
CompanyName: DRun
FileDescription: DRun
FileVersion: 1.0.0.0
InternalName: DRun.dll
LegalCopyright:  
OriginalFilename: DRun.dll
ProductName: DRun
ProductVersion: 1.0.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.6607 also known as:

Lionic	Trojan.Win32.Zilla.4!c
MicroWorld-eScan	IL:Trojan.MSILZilla.6607
FireEye	IL:Trojan.MSILZilla.6607
McAfee	Artemis!0CD9AF846061
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058ab741 )
Alibaba	Trojan:MSIL/SharpS_AGen.4b15b6ab
K7GW	Trojan ( 0058ab741 )
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of MSIL/SharpS_AGen.A
Kaspersky	VHO:Trojan.Win32.Sdum.gen
BitDefender	IL:Trojan.MSILZilla.6607
Avast	Win64:InjectorX-gen [Trj]
Tencent	Msil.Trojan.Msilzilla.Jmn
Ad-Aware	IL:Trojan.MSILZilla.6607
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0WLB21
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	IL:Trojan.MSILZilla.6607 (B)
Ikarus	Trojan.MSIL.Sharps
GData	IL:Trojan.MSILZilla.6607
Avira	TR/Redcap.ftrbp
MAX	malware (ai score=89)
Gridinsoft	Ransom.Win64.Sabsik.sa
Arcabit	IL:Trojan.MSILZilla.D19CF
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.ShaDumpz.C4827027
ALYac	IL:Trojan.MSILZilla.6607
Malwarebytes	Malware.AI.2499801812
TrendMicro-HouseCall	TROJ_GEN.R002C0WLB21
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/SharpS_AGen.A!tr
AVG	Win64:InjectorX-gen [Trj]

How to remove IL:Trojan.MSILZilla.6607?

IL:Trojan.MSILZilla.6607 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X