About “IL:Trojan.MSILZilla.7042” infection

IL:Trojan.MSILZilla.7042 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the IL:Trojan.MSILZilla.7042 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • CAPE detected the Thanos malware family

How to identify IL:Trojan.MSILZilla.7042?

File Info:

name: AF9622A8B6A46866F00F.mlw
path: /opt/CAPEv2/storage/binaries/32ec78179b1516765fd2ec4da82404352cb6837a906c7493283ef578930273e6
crc32: 92CB08CA
md5: af9622a8b6a46866f00f9ff35b7f16b6
sha1: 6a81a6e01f502cdb5893d423417bde2448882ac2
sha256: 32ec78179b1516765fd2ec4da82404352cb6837a906c7493283ef578930273e6
sha512: e4effba4959ff985bd63cd0f533c368c88370a25c90eef5e9bef82eab101d2ea1a2bbd33aad1da3cb629b894c2777c8f6c35fd6729b65b8580c54f90a13fb2c2
ssdeep: 3072:eznB13m/ar3ILF8c1IYy9DvsbghU7bXfjTAuBEER:4BZ4nF80y9YbB77jTAu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T160E308FC3AA68FA5CBAD42F481AF2E5143A4B1F7263BE3465C8300D5F9576C395440EA
sha3_384: 727fd2ccdc25e8ce69429fde74a0897f1753d03c0a8f70f171f14ca7c42ecb1c691135ff07108e42c3ae7a36ef944091
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-09-29 15:42:55

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Printer Driver
FileVersion: 4.5.0.0
InternalName: m6xCYuBdljUAGG
LegalCopyright: Copyright 2019 yeTsbm1HoyoBBB
OriginalFilename: NvpqJeTQVzgEHm
ProductVersion: 4.5.0.0
Assembly Version: 4.5.0.0
ProductName: t9JZ3nB49B9HKO
CompanyName: cCNo5ESs5XMS0c pRubEZvFPyKHjV
LegalTrademarks: DvNlwjPsQiDudX xYdyf63bEd0Oli

IL:Trojan.MSILZilla.7042 also known as:

Lionic: Trojan.MSIL.Thanos.j!c
Elastic: malicious (high confidence)
DrWeb: Trojan.EncoderNET.29
MicroWorld-eScan: IL:Trojan.MSILZilla.7042
FireEye: Generic.mg.af9622a8b6a46866
ALYac: Trojan.Ransom.Thanos
Cylance: Unsafe
Zillya: Trojan.Basic.Win32.11333
Sangfor: Trojan.MSIL.Thanos.A
K7AntiVirus: Trojan ( 005689411 )
Alibaba: Ransom:MSIL/Thanos.e7075052
K7GW: Trojan ( 005689411 )
Cybereason: malicious.8b6a46
BitDefenderTheta: Gen:NN.ZemsilF.34212.jm0@aGZ408i
Cyren: W32/MSIL_Thanos.A.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/Filecoder.Thanos.A
TrendMicro-HouseCall: Ransom.MSIL.THANOS.SM
Paloalto: generic.ml
ClamAV: Win.Ransomware.Prometheus-9874369-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.7042
Avast: Win32:MalwareX-gen [Trj]
Tencent: Msil.Trojan.Thanos.Lqos
Ad-Aware: IL:Trojan.MSILZilla.7042
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom.MSIL.THANOS.SM
McAfee-GW-Edition: Ransom-Thanos!AF9622A8B6A4
Emsisoft: IL:Trojan.MSILZilla.7042 (B)
SentinelOne: Static AI – Malicious PE
GData: IL:Trojan.MSILZilla.7042
Jiangmin: Trojan.MSIL.aiyew
Avira: TR/Redcap.tfucq
MAX: malware (ai score=82)
ViRobot: Trojan.Win32.Z.Thanos.155648
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Generic
Microsoft: Ransom:MSIL/Thanos.DC!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Ransomware/Win.THANOS.C4468943
McAfee: Ransom-Thanos!AF9622A8B6A4
VBA32: Trojan-Ransom.MSIL.Thanos.Heur
Malwarebytes: Ransom.Thanos
APEX: Malicious
Rising: Ransom.Thanos!1.D81A (CLASSIC)
Ikarus: Trojan-Ransom.Thanos
Fortinet: MSIL/Thanos.A!tr.ransom
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove IL:Trojan.MSILZilla.7042?

IL:Trojan.MSILZilla.7042 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
