| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Mentioned as operator of SmokeLoader in CrowdStrike's 2020 Report.
| 2020-12-23 ⋅ 0xC0DECAFE ⋅ Detect RC4 in (malicious) binaries SmokeLoader Zloader |
| 2020-12-21 ⋅ Cisco Talos ⋅ 2020: The year in malware WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader |
| 2020-12-17 ⋅ Telekom ⋅ Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs SmokeLoader |
| 2020-09-09 ⋅ Malwarebytes ⋅ Malvertising campaigns come back in full swing Raccoon SmokeLoader |
| 2020-09-02 ⋅ Cisco Talos ⋅ Salfram: Robbing the place without removing your name tag Ave Maria ISFB SmokeLoader Zloader |
| 2020-08-27 ⋅ Hatching.io ⋅ Smokeloader Analysis and More Family Detections SmokeLoader |
| 2020-06-22 ⋅ security.neurolabs ⋅ Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case SmokeLoader |
| 2020-06-21 ⋅ N1ght-W0lf Blog ⋅ Deep Analysis of SmokeLoader SmokeLoader |
| 2020-05-24 ⋅ Malware and Stuff ⋅ Examining Smokeloader’s Anti Hooking technique SmokeLoader |
| 2020-05-24 ⋅ Positive Technologies ⋅ Operation TA505: network infrastructure. Part 3. AndroMut Buhtrap SmokeLoader |
| 2020-03-04 ⋅ CrowdStrike ⋅ 2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Ransomware Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot vidar Winnti ANTHROPOID SPIDER Anunak APT31 APT39 BlackTech BuhTrap Charming Kitten CLOCKWORD SPIDER DOPPEL SPIDER Gamaredon Group Leviathan MONTY SPIDER Mustang Panda NARWHAL SPIDER NOCTURNAL SPIDER Pinchy Spider Pirate Panda Salty Spider SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER |
| 2020-02-18 ⋅ Github (DanusMinimus) ⋅ Analyzing Modern Malware Techniques Part 4: I’m afraid of no packer(Part 1 of 2) SmokeLoader |
| 2019-11-21 ⋅ SentinelOne ⋅ Going Deep | A Guide to Reversing Smoke Loader Malware SmokeLoader |
| 2019-07-09 ⋅ Check Point ⋅ The 2019 Resurgence of Smokeloader SmokeLoader |
| 2019-05-02 ⋅ Proofpoint ⋅ 2019: The Return of Retefe Dok Retefe SmokeLoader |
| 2018-09-18 ⋅ int 0xcc blog ⋅ A taste of our own medicine: How SmokeLoader is deceiving configuration extraction by using binary code as bait SmokeLoader |
| 2018-08-14 ⋅ Plug it, play it, burn it, rip it ⋅ Anti-Hooking checks of SmokeLoader 2018 SmokeLoader |
| 2018-07-18 ⋅ CERT.PL ⋅ Dissecting Smoke Loader SmokeLoader |
| 2018-07-03 ⋅ Talos Intelligence ⋅ Smoking Guns - Smoke Loader learned new tricks SmokeLoader TrickBot |
| 2018-04-16 ⋅ Spamhaus ⋅ Smoke Loader malware improves after Microsoft spoils its Campaign SmokeLoader |
| 2018-04-04 ⋅ Microsoft ⋅ Hunting down Dofoil with Windows Defender ATP SmokeLoader |
| 2018-01-12 ⋅ Malwarebytes ⋅ Fake Spectre and Meltdown patch pushes Smoke Loader malware SmokeLoader |
| 2017-08-24 ⋅ Blaze's Security Blog ⋅ Crystal Finance Millennium used to spread malware Chthonic SmokeLoader |
| 2017-08-04 ⋅ PhishLabs ⋅ Smoke Loader Adds Additional Obfuscation Methods to Mitigate Analysis SmokeLoader |
| 2017-04-03 ⋅ Malware Breakdown ⋅ Shadow Server Domains Leading to RIG Exploit Kit Dropping Smoke Loader SmokeLoader |
| 2016-10-17 ⋅ Malwarebytes ⋅ New-looking Sundown EK drops Smoke Loader, Kronos banker Kronos SmokeLoader |
| 2016-08-05 ⋅ Malwarebytes ⋅ Smoke Loader – downloader with a smokescreen still alive SmokeLoader |
| 2014-10-05 ⋅ Eternal Todo ⋅ Dissecting SmokeLoader (or Yulia's sweet ass proposition) SmokeLoader |