VirTool:MSIL/Injector!I removal

VirTool:MSIL/Injector!I is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:MSIL/Injector!I virus do?

  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Operates on local firewall’s policies and settings
  • Creates a copy of itself
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify VirTool:MSIL/Injector!I?


File Info:

name: 07CD1264273342705745.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-06-05 20:17:37

Version Info:

Translation: 0x0000 0x04b0
FileDescription: SUI
FileVersion: 1.0.0.0
InternalName: SUI.exe
LegalCopyright: Copyright © Microsoft 2012
OriginalFilename: SUI.exe
ProductName: SUI
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

VirTool:MSIL/Injector!I also known as:

Lionic: Trojan.Win32.Generic.ls1e
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
Skyhigh: Generic Malware.fe!ats
McAfee: Generic Malware.fe!ats
Malwarebytes: Backdoor.Agent
VIPRE: IL:Trojan.MSILZilla.23780
Sangfor: Backdoor.Msil.Injector.Vdm7
K7AntiVirus: Trojan ( 0036234a1 )
Alibaba: VirTool:MSIL/Injector.7492bf92
K7GW: Trojan ( 0036234a1 )
Cybereason: malicious.687441
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Injector.SY
APEX: Malicious
Kaspersky: HEUR:Backdoor.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.23780
NANO-Antivirus: Trojan.Win32.Jorik.dhxwlx
MicroWorld-eScan: IL:Trojan.MSILZilla.23780
Avast: Win32:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10bddaf8
TACHYON: Trojan/W32.DN-Agent.45056.DE
Emsisoft: IL:Trojan.MSILZilla.23780 (B)
F-Secure: Heuristic.HEUR/AGEN.1324525
DrWeb: Trojan.DownLoader6.41959
Zillya: Trojan.Jorik.Win32.139724
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.07cd126427334270
Sophos: Mal/Generic-R
SentinelOne: Static AI – Suspicious PE
GData: IL:Trojan.MSILZilla.23780
Jiangmin: Trojan/Inject.adny
Webroot: W32.Malware.Gen
Google: Detected
Avira: HEUR/AGEN.1324525
Antiy-AVL: Trojan/Win32.IRCbot
Kingsoft: Win32.Hack.Generic.a
Xcitium: Malware@#3651zb9e7cqzy
Arcabit: IL:Trojan.MSILZilla.D5CE4
ZoneAlarm: HEUR:Backdoor.Win32.Generic
Microsoft: VirTool:MSIL/Injector.gen!I
AhnLab-V3: Trojan/Win32.Inject.R27094
BitDefenderTheta: Gen:NN.ZemsilF.36608.cm0@aed!sCni
ALYac: IL:Trojan.MSILZilla.23780
MAX: malware (ai score=100)
Cylance: unsafe
Panda: Trj/CI.A
Rising: Malware.Obfus/MSIL@AI.94 (RDM.MSIL2:plyFGvTCk96Z/zH3QFK2xQ)
Yandex: Trojan.Injector!Dnbety05YrA
Ikarus: Trojan-Dropper.Small
MaxSecure: Trojan.Malware.4380477.susgen
Fortinet: MSIL/Injector.SYY!tr
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove VirTool:MSIL/Injector!I?

VirTool:MSIL/Injector!I removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
