Trojan.Filecoder.AI

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	5,851
Threat Level:	80 % (High)
Infected Computers:	1,398

First Seen:	February 2, 2022
Last Seen:	April 22, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Filecoder.AI
Signature status:	Self Signed

Known Samples

MD5: ed8fb2c0732ebb5dc72f5330fc6a36fb

SHA1: da490027c4512637783f59cbf038a5ebb1705dfd

File Size: 3.66 MB, 3661816 bytes

MD5: efaa9daa2d2624f9085ff826377337c9

SHA1: d8cff2e8fbde258d22b8a0c3de938eb93579d6d3

File Size: 1.91 MB, 1905360 bytes

MD5: 5c701fc276845f85885cc5128d47f68b

SHA1: 8e237667bc0d54ae9084c72cfbec1ca1081fece1

File Size: 1.91 MB, 1908720 bytes

MD5: 195bae0779c722fde7d1758ee9d4cdfa

SHA1: f2f500cb9d41c4037c8cef0c8330f9dc37211a67

File Size: 1.91 MB, 1905360 bytes

MD5: dc36e9526c11befc1486202ab5df3978

SHA1: 63aec8d5cde8f8db94a1392d8ff4c5c4f9db3f77

File Size: 4.85 MB, 4849776 bytes

MD5: 2aea850ac8b7e23f265c7f9f5355ad95

SHA1: 5ae10781f0ef8a879d621c0dcc104fd742b360f4

File Size: 1.88 MB, 1880008 bytes

MD5: eb420a733178c67d8d571fe794b8aa6c

SHA1: 1d43c5e87f396fb6b4937bed67ea1160c89b6134

File Size: 1.91 MB, 1906736 bytes

MD5: 68c64558d8d84d5e87823db0b8420163

SHA1: 4ce9e097f52840f14d259db412568702efeacea1

SHA256: 6B568F5CFBB98B93964E231B9E1E7F59C10879D6D2F90080E7E896771FCE8ED3

File Size: 1.91 MB, 1908720 bytes

MD5: ec270f1a77dc628ad72f863e42ba6946

SHA1: afe0afff6612a07a785772629b9281da45ef9284

SHA256: 7EA9FAA43951F77530887F370025D43FDE026D5464316F857BFF983813CF5F2F

File Size: 1.91 MB, 1908768 bytes

MD5: b89c68b40af84e3784bb1424255b2052

SHA1: 39f35226efb846e8aa39140726c1f961d657b27f

SHA256: F9A287BB598886C2353DB302AC6E3E93E4329DD22CED46BB543A56855FD94083

File Size: 1.91 MB, 1906776 bytes

MD5: 18c074982b08a229206c006c66f46729

SHA1: 9095c54533d92147e960f208f45a771cdd1a5c4e

SHA256: 27F92A872AEB10231E53CE7E5792EE8161355819294F23E2C3F6A5208B905FD3

File Size: 1.91 MB, 1908720 bytes

MD5: 9a5a34f5467a479e22870cb646a8a0b4

SHA1: ea24d1af0fb8f6cf5b36b173fd54b617fc71914b

SHA256: 5CD9BF4A66EB17C4FF8ABA737093E9B22E899FD762E04CB4D42E8C5F11639817

File Size: 1.91 MB, 1908656 bytes

MD5: c86970c45dc610284a9037c8a2fd8eb9

SHA1: 39d032f4450dd2d40ff0199a95835a395e6d7add

SHA256: F8F22F220E91351A84BC633E3B74095A154F9A0BE877A124B441D0FB94128D5E

File Size: 2.29 MB, 2293760 bytes

MD5: d15cafb989ff1615a9b878fec40f8292

SHA1: 6c99a0c05d88190f300a5c21c7c8c67b4e4f52d5

SHA256: 579C20162896509C77AA9B3070CE825FB09D5C36A0070EC01F838133A8D7D60B

File Size: 1.91 MB, 1908768 bytes

MD5: 457a938e4032b9e5048b275a97346f43

SHA1: 0d33552b4269b0f52a8d03c1112313c1b97a7c48

SHA256: 60E0B5A4B5F72BA368DA035616459D3883588ACBFE530CA23B4B619AFA6ECB6F

File Size: 1.91 MB, 1908720 bytes

MD5: 871c88ceeb7935cf927cb47482268d67

SHA1: cf76247e026e25924cf4a5b0348962973d9f74a6

SHA256: D88CA5D0F549DA0D04D4104AFF10F83B9164D2DD6A1CCF9000BAC93827045448

File Size: 1.91 MB, 1908656 bytes

MD5: 05385b4b4088897fe201515ee6d240bd

SHA1: bea9b886a752d7bed1d3736d54fc877d4f44e6eb

SHA256: 76897019089FF4BEE553F5412A47E89C36BA9A458C88623C9D0023859FFA6A14

File Size: 1.91 MB, 1908656 bytes

MD5: 476d6e03c95119fe279f5c2e3cd3ff53

SHA1: 9e9e4fadf5d848f0cf8fd5edac63d0d324eaa3f8

SHA256: 34143FC992DA6A66EE0C865DB02BCFE10231ACB3432998106405A5DE34B4FC59

File Size: 1.91 MB, 1908720 bytes

MD5: 2f2277c4c42e24ef995f06c68c8912ac

SHA1: b75c01cce204bb1201975e522ec5d71bd30c57b2

SHA256: F1B013EFDB08D3DE52EEA01DBBCCA6439CF0E9D442264806625C39634A753085

File Size: 1.91 MB, 1908720 bytes

MD5: 562e53d8a219c29b85d5eec86eb702c6

SHA1: 017c2c6dfd6e69e238c071e1b7baa0f6ae1031b1

SHA256: 175D49CAFFCDA66920C3843E01051CA996FB50FFCBFF6B9D78231F7C16CD6B2E

File Size: 6.99 MB, 6991840 bytes

MD5: 7038ec92bffa87d8cce8ce8338b77678

SHA1: 9d61910fa8fda09c89b49018874b06a12c344c17

SHA256: 1DACDA7F63F57FC40BE69F369313609BC88BB30133AD6EB2257E09CA26EAFB2E

File Size: 2.35 MB, 2347008 bytes

MD5: a6a28eec4775ce2ca9aca5fd26265462

SHA1: 28d4e367d9e333a4454689cb4766c672af481f48

SHA256: E4C7E472938658A939B2F5B7E45C88766D2B05652DBDE9E86E15391BAC9EED47

File Size: 1.91 MB, 1908768 bytes

MD5: 92f036f6b05afb2ec56fa1c5601c3a1e

SHA1: 7cf3bae24891585eb34cc3a8aa2a7a4275379baa

SHA256: EA9CB70CEA8CABEFB42D2BBBE87EC34BAABE2AA507CAFB09A7379B98A0DDD8B6

File Size: 1.91 MB, 1905360 bytes

MD5: cf01d5d009f8586e68810ba5bee34505

SHA1: 5c2a630f9029244720e8d16b9e25419b7578ec54

SHA256: 195CADD9CDA3EB2BE7DFDD043D65730262DD2054C021EC7A5C5364D52E166E5E

File Size: 1.91 MB, 1908768 bytes

MD5: d0b7ba840e5b197802c684f956f734d3

SHA1: d43a6c2919acacebdfc4d481c198ad426243f710

SHA256: CB3636BAF0EE9B5D05F5BDB3D04A174AAF92C96257BF110DAC574BC6DB09D6E8

File Size: 1.91 MB, 1908656 bytes

MD5: 3eac09646d552620c710a4c468abb7f7

SHA1: e0bfc2b9f057778c9209e51e3f527448875c55ee

SHA256: 58374D8E9691542A959E9BB036D8877F3E307090CB87876D145FE2764ACDBB89

File Size: 1.91 MB, 1908656 bytes

MD5: d41ab114808dac955ef2cdece9bed156

SHA1: 62445d3cbbb889e0ba8772b7f491af91dfda061c

SHA256: 5EF6F5E5635F4EACE71C0D6587C9D59279615FC5EE8719E04FCF4B7E7822E485

File Size: 2.70 MB, 2699240 bytes

MD5: ebf9af572593658d73245627bbc1dcdc

SHA1: 884a6d0e7092d6a0baadfb3ef093224c700f985b

SHA256: C4477800EADAE50E4B9AC4CF28CA1E85CCED540AAE046AEFD3EEEEF34822002C

File Size: 1.91 MB, 1906744 bytes

MD5: a2d7f64cc72b7de5ce6d0d1ff9023051

SHA1: e8bb17525cf4c6b455cfb98c88ffa58146a2b8a5

SHA256: 846270EE88A291E988A1D6EBD719BAFA46CECE2BDC7D8939F060E5E8D375351B

File Size: 1.91 MB, 1908656 bytes

MD5: 68aef76d050e85b390357d90c38076c2

SHA1: 7bddb76273b768f84eef14e40a7dc454984bd217

SHA256: 4C802C4FA7C4EF6E07B091BF43ECA601BA00E667EDAEB2E3AACF5A9D32A7541D

File Size: 1.91 MB, 1908768 bytes

MD5: b6cef04548efe4d6e6ac77c54f04ca53

SHA1: d5cc47177ae1be8eb2ca736ae7eb27523b4f9f60

SHA256: 47FCFDAFF60C7FB74D268D4395C50B2CC6F97715034A97686C8B07BA93CB3C06

File Size: 2.33 MB, 2334720 bytes

MD5: 3408f21b0c25dc89b8675d987378d55b

SHA1: 45cfc92449b22b9eeef7cba25028b1ba9d7807e5

SHA256: 8A431176C572D4C33B6902B461A1EF5F726C57785B18D34FA1C432D6FDDF721B

File Size: 4.28 MB, 4284504 bytes

MD5: dc823efe458f148848bf464109de703a

SHA1: f01639d8a29bedffb9a8c3fb2a9ab9d35de888f8

SHA256: 777F9EE054D5F3AD169FAA715E2C86A4BBDCFDC4AFB2EF8EFE65B4CB65D006CD

File Size: 1.91 MB, 1906736 bytes

MD5: ef33691b5a44c67ff4fd75a68ba6571a

SHA1: af0f21595f6f847f6f71e2ca5d5fca8b21c0afe4

SHA256: 780D08B8874ABB61198A61C71E5C3A3C57365E4A6954A253058598A5D6F36E12

File Size: 2.81 MB, 2813888 bytes

MD5: d95ba51487b609e1159960863853f45d

SHA1: be7a9fe1f6d3d84348d000028dee71f4d75d02f0

SHA256: 35D8B60275F6384CFB6C603A17CFDBF36458C0ECEA288EBE98470324C5E7B5DF

File Size: 1.91 MB, 1908720 bytes

MD5: 67cb727e39cfd4ee5e97b499cc07faa1

SHA1: 61d052c0369cfff6ef03508cf3cd6f090663c153

SHA256: E4BA194C69DB06550F17A5B2C3D91887A5977240885EB0BCC0293223CBB23463

File Size: 1.91 MB, 1908720 bytes

MD5: ba7979136d50e2bb194f872248c56994

SHA1: 0683e8ba28ce040c9a3dd815b1fa6d9c0828a56b

SHA256: 92B860B9445216C4C60D6604D6F978C21C4B67E9D819C59A56756FBA3D87CB2D

File Size: 1.90 MB, 1903344 bytes

MD5: b2e2141b45ecbc45eeca2090347d3a0f

SHA1: 57e28d46fe830b541f075462a62ec7297422d585

SHA256: FD69849382204FBA6C30BB4079D40A50F0966EE1B94FFD17D37AD1709D5FE09F

File Size: 1.91 MB, 1908656 bytes

MD5: cdd4c4c339b7ec63f4bf3545f9930add

SHA1: 4e0a5d883a0fa2d21ef8e005ab3e3a00236f82d6

SHA256: 64D149F01AFB093223277DA002BA0F8B3F0235C321E01676D6704A25B5CBC31C

File Size: 1.91 MB, 1908768 bytes

MD5: 23f79cae97d4371fda3e616e05ec5099

SHA1: 48fd5612d60d076de41fe17a041dfdb9ab03e077

SHA256: E142320C76C9F787847D22140FC504ED914D2FE5E12F61BE36E1B43773E1B8EC

File Size: 4.27 MB, 4267984 bytes

MD5: a4d3c4f1da151e1d369e67d23d9e9d46

SHA1: 3dabd24f85ecacb54befbd11eb1de449bdcf1c86

SHA256: EFF3A1ABD40FBA2632CBF96DC55894EFA35999FA3C7AA096A8D19BA20726F521

File Size: 1.90 MB, 1903344 bytes

MD5: 2d4e25d645bf91ace4414d8fa4c78b61

SHA1: 739020b48f63e06aea9160927774afa03a230b27

SHA256: ED68B8A22369F31E5AE6E835C403291E5EFE6838D0EB92C615BA0B314D82D030

File Size: 1.91 MB, 1908768 bytes

MD5: 3891b957617fb7babd4441f56569fdcf

SHA1: 179426705e064db1ebbcf0a9af706eab304991d4

SHA256: FD4C68904BD169606848E7E48E6C8511B49027C469C6B1D231252231935A9060

File Size: 1.91 MB, 1908720 bytes

MD5: 6434dcd6e73a16c2286134bed26169a2

SHA1: c9777a9da40f5cfdf6aaa8e63c650e63c323a4f3

SHA256: 49788E56F7DDFA8065B1183760E20F3244703E4E5AB4113412961181B129AA67

File Size: 1.91 MB, 1906744 bytes

MD5: b03c05e58c8d8a5f6ced3e2c650b035a

SHA1: 53988c12b930f4a21bbb91aeb7c1f1377e531a12

SHA256: 7033AFF301D7DA6A93A93F0F7982A6A431B57D25419D3A01B21A1773606E88B8

File Size: 1.91 MB, 1908720 bytes

MD5: 0ddb85d85e6708eab0e4a1e4b97545e6

SHA1: 2e0172858ff9363395c2f8999cf7a51af224bd85

SHA256: 983DCB71AAC45691F219B3C5B4A1B640D3D7CE6805EAEEC1E12F1E8DEBB93763

File Size: 3.01 MB, 3006592 bytes

MD5: 5ad3110bc98187a4d2985dbfc42e27d4

SHA1: 4ef5ca4787266829a17e3d4b63de3e68b57abe0e

SHA256: D9B8ADC87472D7FDD69C97E9651AD5F03249BDA7B8986DEABE1620F59BB34C15

File Size: 3.86 MB, 3862528 bytes

MD5: 9b05c840eb7fdd367a8c76e467dc2cf7

SHA1: 0c80bea230e125dd93170d212720e0b8e5b48a6e

SHA256: ECBC1540FC9D7C84E12E1132758695DAF3AB4F1484D1D53F47EB2D8C80EB93EE

File Size: 1.91 MB, 1908720 bytes

MD5: 6ab395dd75ca9e4f578306f46fa6c967

SHA1: a7a6aa43fe172f71fb456487619005b6f7501349

SHA256: FA8B3DC11AA66B49BCF4A679D5AF24931E71084709FE8355679B86B2973C81A6

File Size: 1.90 MB, 1903480 bytes

MD5: 6eb756e355133917fa4c863c298e7142

SHA1: fc6e11029b8a69fd1d3537ebdec375cca36b25cf

SHA256: 6BA67756D9E5A8225FBDA79CE94F4A9A056ED2E0B59AD9FBA45041C061D3CE93

File Size: 1.91 MB, 1908720 bytes

MD5: 0fa5ca47c42b1304123d1429c8f74335

SHA1: 29b2c83183337af743da6da15fc06eb861167e9c

SHA256: 7C86985D8D8C77EBA50E6978F386FC1A654EBC2B458C18B5421DFABA053F0F46

File Size: 1.90 MB, 1903280 bytes

MD5: 5218b079ed2b5a5ffe06b6c1062ebf0a

SHA1: ba619a26c3eb41436f0a26616a9611348e6da066

SHA256: 0DCC0B53D0AD3C4732C60FFA85F1D51C03758AC48A5FED80D86712ED69B7D1F4

File Size: 1.91 MB, 1908720 bytes

MD5: a928b0d969a1e229357c06d930717fe6

SHA1: e62bf24953d2a20f455096d3c004c72f513e05f6

SHA256: C4D271A8832611CDD79E5AF9ECB44F34CC91176BE58E256187CA4139965470B1

File Size: 3.17 MB, 3170424 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File has exports table
File has TLS information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)

File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Big Fish Games, Inc. GameHouse, Inc. iWin Inc. Microids Canada Sahmon Games Smolyanskiy O.V. World-LooM
File Description	Astro Avenger 2 Azada: Ancient Magic Delicious: Emily's True Love DominiGames Fix-it-up 80'ties: Meet Kate's Parents GLWorker Super Collapse! 4 Syberia Executable The treasures of the mystery island: The gates of fate
File Version	3.5.7.45015 2, 91, 0, 0 2, 0, 0, 123 1.0.0.26 1.0.0.24 1.0.0.0 1.0.0.0 1, 5, 0, 0 1, 0, 0, 1 1, 0, 0, 0
Internal Name	Astro Avenger 2 Azada: Ancient Magic Dark Romance: Vampire In Love CE Delicious: Emily's True Love FIU80 GameMaker:Studio Windows C++ Runner GLWorker SuperCollapse4 The treasures of the mystery island: The gates of fate
Legal Copyright	Andy Jurko Copyright (C) 2008 Copyright (C) 2010 Copyright (C) 2013 Doko Ltd Copyright (C) iWin Inc. 2008 Copyright © 2001-2002 Microids Canada Inc. Copyright © 2008 Copyright © 2008 Big Fish Games, Inc. Copyright © 2009 GameHouse, Inc. All right reserved. Copyright © 2011 GameHouse, Inc. All rights reserved.
Original Filename	AstroAvenger2.exe Dark Romance: Vampire In Love CE Fiu80.exe GHDeliciousEmilysTrueLove.exe GLWorker SuperCollapse4.exe The treasures of the mystery island: The gates of fate
Private Build	01.00.00.00
Product Name	Azada: Ancient Magic Dark Romance: Vampire In Love CE Delicious: Emily's True Love Fix-it-up 80'ties: Meet Kate's Parents GLWorker Sahmon Games Astro Avenger 2 Super Collapse! 4 The treasures of the mystery island: The gates of fate
Product Version	3.5.7.45015 2, 91, 0, 0 2, 0, 0, 123 1.0.2388.m 1.0.0.26 1.0.0.0 1.0.0.0 1, 5, 0, 0 1, 0, 0, 1 1, 0, 0, 0
Unity Version	3.5.7f6_795a449bc926

Digital Signatures

Signer	Root	Status
iWin, Inc	DigiCert SHA2 Assured ID Code Signing CA	Self Signed
iWin, Inc	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Self Signed
IWIN, INC	Thawte Code Signing CA - G2	Self Signed
iWin, Inc	Thawte Code Signing CA - G2	Self Signed
IWIN, INC	thawte SHA256 Code Signing CA	Self Signed

iWin, Inc

thawte SHA256 Code Signing CA - G2

Self Signed

File Traits

.adata
2+ executable sections
HighEntropy
No Version Info
VirtualQueryEx
WriteProcessMemory
x86

Block Information

Total Blocks:	107
Potentially Malicious Blocks:	3
Whitelisted Blocks:	65
Unknown Blocks:	39

Visual Map

? ? ? 0 ? 0 ? 0 ? ? 0 0 ? ? ? ? 0 0 0 0 0 0 0 0 0 ? 0 0 0 ? 0 0 0 0 0 0 0 0 ? 0 0 0 0 ? 0 0 0 ? x 0 0 0 0 0 0 0 ? 0 ? ? ? 0 0 0 0 0 0 0 ? 0 ? ? 0 ? ? 0 0 0 0 0 ? ? ? x 0 0 0 0 0 ? ? ? ? 0 ? 0 0 ? x ? ? 0 0 ? 0 ? ?

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Filecoder.AI
Keygen.DC

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Filecoder.AI

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Submit Comment

Trending

Trojan.Kryptik.JUD

Trojan.Agent.MBD

PUP.Baidu.A

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen