FileCoder Ransomware
Posted: September 26, 2013
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 430 |
---|---|
Threat Level: | 9/10 |
Infected PCs: | 16,453 |
First Seen: | December 25, 2012 |
---|---|
Last Seen: | October 17, 2023 |
OS(es) Affected: | Windows |
FileCoder is a broad category of Trojans that use file encryption attacks to back up their ransomware scams, which demand money in exchange for restoring the files on your PC. Variants of Filecoder may claim that the first attack was implemented by a third party or that legal penalties involving file encryption have been enacted against you, but these attacks never are legally justified, nor do SpywareRemove.com malware researchers recommend paying the ransoms that FileCoder Trojans request. Since 2013 has seen a meteoric rise in confirmed FileCoder Ransomware infections, protecting your PC from attacks that may install a variant of Filecoder and having anti-malware programs capable of removing FileCoder infections are even more relevant to the modern PC user than ever before.
The Ransom Demand that's Backed Up with More Than Just Lies
FileCoder is a family of ransomware Trojans – similar to the Ukash Virus or various Police Ransomware Trojans – that display system alerts in an attempt to make you pay ransoms. Unlike most kinds of ransomware, the FileCoder Ransomware Trojans differentiate themselves from less invasive PC threats by doing more than displaying a ransom and blocking your PC: they also encrypt many file types on your computer. Often targeted file types include text documents, PDFs, music and videos. The type of encryption varies, but malware researchers warn that it always will make the affected files temporarily unusable. Many encryption attacks also change the names of the files they encrypt so that the victim can tell very easily what's at stake.
In some cases, there are free decryption utilities that will allow you to reverse a Filecoder's attacks against your files. However, in some scenarios, the only way to decrypt your files will be to acquire a decryption key, which is where FileCoder Ransomware's ransom demand comes into play. Despite Filecoder's ransom seeming like your only hope for getting your files back, SpywareRemove.com malware researchers recommend saving your money and, instead, restoring any affected files from a remote backup (such as a DVD or USB drive).
How to Keep Your Files from Being Exploited by Filecoder
FileCoder has a distribution pattern that currently is foremost in Russia, followed by various regions of Europe and the United States. PC users in these countries should be particularly cautious about potential infection vectors for the FileCoder Ransomware, such as e-mail file attachments (most often used against private industry or government targets) and potentially harmful websites disguised as media sites (a common infection method for personal computers). Appropriate Web-browsing habits and having anti-malware programs capable of blocking most Web-based attacks will protect your computer from all of these means of getting infected with Filecoder.
Once the FileCoder Ransomware infects your PC, Filecoder usually will severely limit your access to other applications, besides its already mentioned attacks against other files. SpywareRemove.com malware experts consider booting your PC from a removable drive to be the simplest way around such issues, which will allow you to remove the FileCoder Ransomware with whatever anti-malware product you consider being appropriate.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:d:\all ransomware\ataware ransomware
File name: ataware ransomwareSize: 780.8 KB (780800 bytes)
MD5: aa5348671cb56557925b185d4ebe875a
Detection count: 5
Path: d:\all ransomware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\blackrouter ransomware\1f15a3e297b9017c40276ad1c32d606c8beebbf432227b47360f3674bfb60127.bin
File name: 1f15a3e297b9017c40276ad1c32d606c8beebbf432227b47360f3674bfb60127.binSize: 2.87 MB (2877952 bytes)
MD5: ebad44d2a8c72765aa64bae691458a34
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\blackrouter ransomware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\flatchestware\f8d907099731ba448fef98c4b100265ac37dc57ff26917ff3699fc0060f91cab.bin
File name: f8d907099731ba448fef98c4b100265ac37dc57ff26917ff3699fc0060f91cab.binSize: 937.98 KB (937984 bytes)
MD5: 9997853609388189c6aaec5511a1dd17
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\flatchestware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\samsam ransomware\1ad4c9e3d0e04e7f1e32e196ea1e87ed64237485baab4cfa4b07eed44d4b347d.bin
File name: 1ad4c9e3d0e04e7f1e32e196ea1e87ed64237485baab4cfa4b07eed44d4b347d.binSize: 40.44 KB (40448 bytes)
MD5: 73a4cf1512fc097fc28b6b75915b34bf
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\samsam ransomware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\tfflower ransomware\cxmxjh.bin
File name: cxmxjh.binSize: 6.28 MB (6283264 bytes)
MD5: a14798d28ef66745b8e424b52abf0026
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\tfflower ransomware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\sifrelendi\ransomeware\svchost.bin
File name: svchost.binSize: 772.09 KB (772096 bytes)
MD5: c6d90484c49c61234f01f8aa5c9de150
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\sifrelendi\ransomeware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\zayka ransomware\366623b97142a54efd9be31c673c409bdcfbc6ca0bed50e9bbc9b73d7443a55b.bin
File name: 366623b97142a54efd9be31c673c409bdcfbc6ca0bed50e9bbc9b73d7443a55b.binSize: 320.51 KB (320512 bytes)
MD5: 55c646dd6b45052eb4c779a476349003
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\zayka ransomware
Group: Malware file
Last Updated: August 28, 2020
d:\all ransomware\round6\7ce637575c601a6708c568b433cb36935d9c47559d69d3958f04687f398066b7.bin
File name: 7ce637575c601a6708c568b433cb36935d9c47559d69d3958f04687f398066b7.binSize: 162.3 KB (162304 bytes)
MD5: e2a216e07203ec64c98eed979f260edd
Detection count: 5
File type: Binary File
Mime Type: unknown/bin
Path: d:\all ransomware\round6
Group: Malware file
Last Updated: August 28, 2020
a.exe
File name: a.exeSize: 72.7 KB (72704 bytes)
MD5: e6353f79779a553c822deab899649b1b
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 7, 2020
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.