Trojan:Win32/SmokeLoader.ASBM!MTB (file analysis)

Trojan:Win32/SmokeLoader.ASBM!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/SmokeLoader.ASBM!MTB virus do?

  • The sample contains overlay data.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • The binary has anomalous characteristics.

How to identify Trojan:Win32/SmokeLoader.ASBM!MTB?


File Info:

name: B35E10F594F885D61175.mlw
path: /opt/CAPEv2/storage/binaries/8f699bdbadeadc38eeb137d81bf507138d412b748c03c352e31324a388b70409
crc32: 1FD9A693
md5: b35e10f594f885d61175f3af333ada43
sha1: a1bc32713b611fb3f6cde055d37078b791f900e0
sha256: 8f699bdbadeadc38eeb137d81bf507138d412b748c03c352e31324a388b70409
sha512: acfee590cc34ce4fc1a8de903084b1526575703da08c100326c875ec0662b6d847a02ac7c37017967916f5fdfb45d85edad074bdf95ebb1a95edb0f9be5840c1
ssdeep: 6144:hcdBFRb6tOhhhGtZIK9U7b/nsJKMXZ4uoFTvQ+m+y:wRb6tfql/n8KwZroFTo+m+y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BD54F12272A49032E67759348A72CB660F2F7C62136199DF0FE069794F347C1EB7835A
sha3_384: 3e01c526002cf96e181a87be3509c286eab00a6363746a002cc5104260cbf0baa5b48b7fa09c8462356a60e93be48c62
ep_bytes: e8e4410000e989feffffff35e47e8100
timestamp: 2023-02-12 15:56:10

Version Info:

0: [No Data]

Trojan:Win32/SmokeLoader.ASBM!MTB is also known as:

Bkav: W32.AIDetectMalware
Skyhigh: Artemis!Trojan
Malwarebytes: Crypt.Trojan.Malicious.DDS
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_60% (D)
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
APEX: Malicious
DrWeb: Trojan.Pitou.17
Trapmine: malicious.moderate.ml.score
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan-Ransom.StopCrypt
Kingsoft: malware.kb.a.990
Microsoft: Trojan:Win32/SmokeLoader.ASBM!MTB
Google: Detected
McAfee: Artemis!B35E10F594F8
Rising: Trojan.Generic@AI.98 (RDML:da6DB30VSruEIKmOSLAWaQ)
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/SmokeLoader.ASBM!MTB?

Trojan:Win32/SmokeLoader.ASBM!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
