Trojan.MSILZilla.CM

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 20,633
Threat Level: 80 % (High)
Infected Computers: 2
First Seen: October 1, 2024
Last Seen: November 27, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.MSILZilla.CM
Signature status: No Signature

Known Samples

MD5: 23c12d37ba1643cba76e33f75ece3c63
SHA1: fe3fe6c3cb3809c9b2b176870b7079743bab2c9a
SHA256: C14646D5CC86C131289247A65C437357C43083E91AD0CD441572F5D2CC3C1FB4
File Size: 170.50 KB, 170496 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • .NET
  • HighEntropy
  • No Version Info
  • ntdll
  • WriteProcessMemory
  • x86

Block Information

Total Blocks: 16
Potentially Malicious Blocks: 11
Whitelisted Blocks: 3
Unknown Blocks: 2

Visual Map

x x ? 0 x 0 x x 0 x ? x x x x x
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Stealer.ALA

Registry Modifications

Key::Value: HKLM\software::$77stager
Data: [binary data; rendered as unreadable characters in the source]
API Name: RegNtPreCreateKey

Windows API Usage

Category API
Encryption Used
  • CryptAcquireContext
Service Control
  • OpenSCManager
  • OpenService
  • StartService
