Should I remove “IL:Trojan.MSILZilla.6935”?

IL:Trojan.MSILZilla.6935 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the IL:Trojan.MSILZilla.6935 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify IL:Trojan.MSILZilla.6935?


File Info:

name: 747BBFCA19108F4FFB69.mlw
path: /opt/CAPEv2/storage/binaries/23fc60fbd97f84da8b2e944d8827ff675bc2bea3eed994372e351b6b26133629
crc32: E15B3EB4
md5: 747bbfca19108f4ffb69a3ddfb77a00f
sha1: 6be92dc25ba6ed0053bfd03065645ab2e22940f0
sha256: 23fc60fbd97f84da8b2e944d8827ff675bc2bea3eed994372e351b6b26133629
sha512: 7b04a106074e142acd11222a6a8939d3b6b745159abe740e4245e23b20429d45325860e61592359fc778b57182d14a1512d22b84359b3e69ac358905dcd6482e
ssdeep: 3072:MCs466qcl/Y/3D77wuP2PDNFq5fdKrn0ZmBsmNRSH922mvpUy6ibD6gS9BRSuK7H:1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D4B5D73D0DBE2137C1ADD355ABC88C3BA800976B71657EB868D247F94706A8375D223E
sha3_384: 3858d1d2d32a7ab7142197017bdf8c3d80e51a3b989269784e5dbfdc2b922498fea5cb43a1518faed50506694e1b1f5b
ep_bytes: ff250020400000000000000000000000
timestamp: 2019-08-04 16:32:00

Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft Application
CompanyName: Microsoft
FileDescription: 1
FileVersion: 1.0.0.0
InternalName: 1
LegalCopyright: Microsoft © 2019
LegalTrademarks: Microsoft © 2019
OriginalFilename: 1
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.6935 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILZilla.6935
ALYac: IL:Trojan.MSILZilla.6935
Malwarebytes: MachineLearning/Anomalous.100%
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Skeeyah.HK
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:Win32/Skeeyah.46d33bcf
K7GW: Trojan ( 0055536f1 )
K7AntiVirus: Trojan ( 0055536f1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.SMC
APEX: Malicious
Avast: Win32:TrojanX-gen [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.6935
NANO-Antivirus: Trojan.Win32.Stealer.fzpapi
Tencent: Win32.Trojan.Generic.Agvb
Ad-Aware: IL:Trojan.MSILZilla.6935
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dropper.Gen2
DrWeb: Trojan.PWS.Stealer.26900
Zillya: Trojan.Kryptik.Win32.1769368
McAfee-GW-Edition: GenericRXHZ-XO!747BBFCA1910
FireEye: Generic.mg.747bbfca19108f4f
Emsisoft: IL:Trojan.MSILZilla.6935 (B)
SentinelOne: Static AI – Malicious PE
GData: IL:Trojan.MSILZilla.6935
Jiangmin: Trojan.Generic.eaeqq
Avira: TR/Dropper.Gen2
Antiy-AVL: Trojan/Generic.ASMalwS.2C5C371
Arcabit: IL:Trojan.MSILZilla.D1B17
Microsoft: Trojan:Win32/Skeeyah.HK!MTB
Cynet: Malicious (score: 100)
McAfee: GenericRXHZ-XO!747BBFCA1910
MAX: malware (ai score=84)
VBA32: TScope.Trojan.MSIL
Cylance: Unsafe
Ikarus: Trojan.MSIL.Crypt
Fortinet: MSIL/GenKryptik.DMFQ!tr
BitDefenderTheta: Gen:NN.ZemsilF.34062.mo0@aeDXlkh
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.a19108
Paloalto: generic.ml
MaxSecure: Trojan.Malware.7164915.susgen

How to remove IL:Trojan.MSILZilla.6935?

IL:Trojan.MSILZilla.6935 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
