» wohax2.0.exe
Overview
Analysis
File Details

wohax2.0.exe

The executable wohax2.0.exe has been detected as malware by 31 anti-virus scanners.

File name:

wohax2.0.exe

MD5:

a32450f5e5e290b5dfefad1d875c5eb3

SHA-1:

cac2b713d9a89a7e0c77d3dbf2723cf9284805df

SHA-256:

e9fbf47c3878a9cdca7618488f7a6f64f4467da5ad3e3cd2472a686b346294f2

Scanner detections:

31 / 68

Status:

Malware

Analysis date:

2/7/2026 8:21:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Generic.MSIL.Bladabindi.C5D31E42

-39

Avira AntiVirus

TR/Dropper.Gen7

8.3.3.4

Arcabit

Trojan.Zusy.D3484C

1.0.0.798

avast!

MSIL:Agent-DRD [Trj]

2014.9-170315

AVG

PSW.ILUSpy

2018.0.2439

Baidu Antivirus

Win32.Trojan.WisdomEyes.16070401.9500

4.0.3.17315

Bitdefender

Generic.MSIL.Bladabindi.C5D31E42

1.0.20.370

Clam AntiVirus

Win.Trojan.B-468

0.99.211

Dr.Web

Trojan.DownLoader19.37002

9.0.1.074

Emsisoft Anti-Malware

Generic.MSIL.Bladabindi.C5D31E42

8.17.03.15.08

ESET NOD32

MSIL/Bladabindi.BC

11.15068

Fortinet FortiGate

MSIL/Agent.LI!tr

3/15/2017

F-Prot

W32/MSIL_Bladabindi.AU.gen

v6.4.7.1.166

F-Secure

Generic.MSIL.Bladabindi.C5D31E42

11.2017-15-03_4

G Data

Generic.MSIL.Bladabindi.C5D31E42

17.3.A:25.11117B:25.9053

IKARUS anti.virus

Trojan.MSIL.Bladabindi

0.2.1.2

K7 AntiVirus

Trojan

13.10.4.22685

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-1312

Malwarebytes

Backdoor.Bladabindi.Generic

v2017.03.15.08

McAfee

Trojan-FIGN

5600.6095

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.B

1.1.13504.0

MicroWorld eScan

Generic.MSIL.Bladabindi.C5D31E42

18.0.0.222

NANO AntiVirus

Trojan.Win32.Disfa.dtznyx

1.0.70.15657

Panda Antivirus

Trj/CI.A

17.03.15.08

Qihoo 360 Security

HEUR/QVM41.1.0000.Malware.Gen

1.0.0.1120

Quick Heal

Backdoor.Bladabindi.AL3

3.17.14.00

Sophos

Troj/DotNet-P

4.98

Total Defense

Win32/DotNetDl.A!generic

37.1.62.1

Trend Micro House Call

TROJ_GEN.R023C0DBR17

7.2.74

Trend Micro

BKDR_BLADABI.SMC

10.465.15

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.26.4

File size:

1.9 MB (1,967,846 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\syswow64\wohax2.0.exe

File PE Metadata

Compilation timestamp:

8/14/2016 4:15:49 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

Entry address:

0x1CAB5

Entry point:

E8, 99, 04, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, B8, 91, 43, 00, F2, 75, 02, F2, C3, F2, E9, 0F, 06, 00, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, 60, FF, 42, 00, C7, 01, FC, 08, 43, 00, C3, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 44, 38, FF, FF, C7, 06, 08, 09, 43, 00, 8B, C6, 5E, 5D, C2, 04, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, 10, 09, 43, 00, C7, 01, 08, 09, 43, 00, C3, 55, 8B, EC, 83, EC, 0C, 8D, 4D, F4, E8, A7, FF, FF, FF, 68, 58, 6C, 43, 00, 8D, 45, F4, 50, E8, CD, 28... 
[+]

Code size:

184 KB (188,416 bytes)

Remove wohax2.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.