S0226Windows

S0226Smoke Loader

Platforms
1
ATT&CK
14.1
References
3

Description

[Smoke Loader](https://attack.mitre.org/software/S0226) is a malicious bot application that can be used to load other malware. [Smoke Loader](https://attack.mitre.org/software/S0226) has been seen in the wild since at least 2011 and has included a number of different payloads. It is notorious for its use of deception and self-protection. It also comes with several plug-ins. (Citation: Malwarebytes SmokeLoader 2016) (Citation: Microsoft Dofoil 2018)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0226
  2. https://blog.malwarebytes.com/threat-analysis/2016/08/smoke-loader-downloader-with-a-smokescreen-still-alive/
  3. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Mosquito
Software
TrickBot
Software
InvisiMole
Software
Pisloader
Actor
SMOKY SPIDER
Software
CozyCar
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.