File verdict·Decided by the MT AI Engine
Our call
Malicious
6 of 76 antivirus engines flagged this file as malicious.
Trust score84Moderate trust
MT AI confidence · 50%
AiDefend.exe
4.4 MBd6a0a37ba8d07bbca3…f3295f916bAntivirus engines
6 of 76 flagged
Code signing
Unsigned
Age
First seen 2mo ago
MT AI Engine · our arbiter
The verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
50%Confidence
Reasoning
6 of 76 antivirus engines flagged this file as malicious.
Points against
- 6 antivirus engines flagged this file.
What to do
Delete this file and scan your system with an up-to-date antivirus.
No researcher-database hits
External threat-intel sources were not collected for this scan.
Antivirus engine breakdown
6 detections across 76 engines
6 malicious0 suspicious70 clean
Tier-117 engines
0flag
Top commercial AVs (low FP rate)
Tier-238 engines
2flag
Mainstream engines with mixed FP rates
Low-trust21 engines
4flag
Heuristic / generic-AI engines (high FP rate)
alibabacloud
malicious
Trojan:Win/Lakaboy.LY
APEX
malicious
Malicious
huorong
malicious
Ransom/Filecoder.c
Kingsoft
malicious
Win32.Worm.WannaMine.i
Paloalto
malicious
generic.ml
Rising
malicious
Ransom.Filecoder!8.1BA3F (CLOUD)
Hash d6a0a37ba8d0… cross-referenced against 76 AV engines via our AV network.
File identity
Forensic fingerprint
File biography
First seen (VT)
3/31/2026, 1:56:45 PM
First seen (MalwareBazaar)
—
Last analysis (VT)
4/21/2026, 2:01:21 PM
Scanned here
4/22/2026, 3:47:03 PM
- File name
- AiDefend.exe
- Size
- 4.41 MB
- MIME type
- (unknown)
- Detected type
- Win32 EXE
- SHA-256
- d6a0a37ba8d07bbca3606c1ef06dea7f7b49b88c51f46bccfd7d33f3295f916b
- MD5
- 995a85d89832468412be2def7ea21951
- SHA-1
- f1594b9a646b7b7b4af1f3cfac6e87d92627a4ac
- PE imphash
- 05480c7a61554bfcbaa13bab43e02ebd
- First seen (VT)
- 3/31/2026, 1:56:45 PM
- Last analysis (VT)
- 4/21/2026, 2:01:21 PM
- First scan (MalwareTips)
- 4/20/2026, 2:02:27 PM
- Last scan (MalwareTips)
- 4/22/2026, 3:47:03 PM
Behavior tags
idlepeexe64bitsdetect-debug-environment
Scanned by
JackStaff
Sign in to follow
Files are processed in a streaming pass-through — MalwareTips never stores the binary on its servers. Only the scan result (hash, detections, verdict) is retained so the next person who scans the same file gets an instant answer. If you ran this file on your computer and are worried, scan your system with an up-to-date antivirus and change critical passwords from a different device.
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.