Spy Trojan

TrojanSpy:MSIL/Ohona.A removal guide

Malware Removal

The TrojanSpy:MSIL/Ohona.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What TrojanSpy:MSIL/Ohona.A virus can do?

  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to determine TrojanSpy:MSIL/Ohona.A?



File Info:

name: 48782850C2B85100DFEF.mlw
path: /opt/CAPEv2/storage/binaries/2981a0c8c9801deb7fc27cfe8327dc3cceac928874149289c92c9d8ac7e9f0ab
crc32: E04E5C38
md5: 48782850c2b85100dfef27e99cff966a
sha1: 47896d512f7f2d1aa50f97d8c2ecb267047928ad
sha256: 2981a0c8c9801deb7fc27cfe8327dc3cceac928874149289c92c9d8ac7e9f0ab
sha512: 207dd6efe42d3ef3e64717a5b1cfe05dc9e42b5909065593a5d821cce722a204e6a16c893066a9e45c2da05ec431fb4e2217acd6b723faff97e07273b23fc820
ssdeep: 384:vLHp1wf0Jb73AH7VsDA7BCKMbwmtyopKz570+vPLTsx4Y2f1mdeIxH:DvDJb73C7+KowEyokzau1GNH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15C922A1673D88213CABE077A5D33832143B1DB0A5A17FBCB1DE8E6AE59727144A42773
sha3_384: 4c65db8380e2aad9c6c8a956b53b01878230de97da5a06187e41ded1d8647d2ffe807b1719920fe6a5c94725cf8b2eef
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-07-06 15:22:07


Version Info:

Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: min1.exe
LegalCopyright:  
OriginalFilename: min1.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

TrojanSpy:MSIL/Ohona.A also known as:

BkavW32.AIDetectMalware.CS
LionicTrojan.Win32.Ohona.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanGeneric.Malware.SLU.43C1084E
SkyhighBehavesLike.Win32.Trojan.lm
McAfeeGenericRXBY-CB!48782850C2B8
Cylanceunsafe
VIPREGeneric.Malware.SLU.43C1084E
SangforTrojan.Win32.Save.a
K7AntiVirusSpyware ( 004cdf3e1 )
AlibabaTrojanSpy:MSIL/Ohona.d36113f2
K7GWSpyware ( 004cdf3e1 )
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/Spy.Agent.AHG
APEXMalicious
TrendMicro-HouseCallTSPY_OHONA.SM
Paloaltogeneric.ml
ClamAVWin.Malware.Cca03d-9802591-0
KasperskyHEUR:Trojan.Win32.Generic
BitDefenderGeneric.Malware.SLU.43C1084E
NANO-AntivirusTrojan.Win32.Dwn.dztbiv
AvastWin32:SpywareX-gen [Trj]
RisingSpyware.Agent!8.C6 (CLOUD)
EmsisoftGeneric.Malware.SLU.43C1084E (B)
GoogleDetected
F-SecureTrojan.TR/Spy.Gen
DrWebTrojan.KillProc.35533
ZillyaTrojan.Agent.Win32.807799
TrendMicroTSPY_OHONA.SM
Trapminemalicious.high.ml.score
FireEyeGeneric.mg.48782850c2b85100
SophosMal/Generic-R
SentinelOneStatic AI – Malicious PE
JiangminTrojan.Generic.bcjmk
WebrootW32.Malware.Gen
VaristW32/MSIL_Troj.FQA.gen!Eldorado
AviraTR/Spy.Gen
MAXmalware (ai score=100)
Antiy-AVLTrojan/Win32.AGeneric
Kingsoftmalware.kb.c.1000
MicrosoftTrojanSpy:MSIL/Ohona.A
XcitiumMalware@#artsu0szbym9
ArcabitGeneric.Malware.SLU.43C1084E
ZoneAlarmHEUR:Trojan.Win32.Generic
GDataGeneric.Malware.SLU.43C1084E
AhnLab-V3Malware/Win32.Generic.C1068693
VBA32TScope.Trojan.MSIL
ALYacGeneric.Malware.SLU.43C1084E
MalwarebytesGeneric.Malware/Suspicious
PandaTrj/CI.A
TencentMalware.Win32.Gencirc.13b5fc2b
YandexTrojan.Agent!BpbOfU1SBdI
IkarusTrojan.MSIL.Spy
MaxSecureTrojan.Malware.7164915.susgen
FortinetMSIL/Generic.AP.EB4F24!tr
BitDefenderThetaAI:Packer.8F8B004D1F
AVGWin32:SpywareX-gen [Trj]
DeepInstinctMALICIOUS
alibabacloudTrojan[spy]:MSIL/SLU.43C1084E

How to remove TrojanSpy:MSIL/Ohona.A?

TrojanSpy:MSIL/Ohona.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment