Trojan:Win32/SmokeLoader!pz malicious file

Trojan:Win32/SmokeLoader!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/SmokeLoader!pz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Punjabi
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)

How to determine Trojan:Win32/SmokeLoader!pz?


File Info:

name: 284EC46A8277BDA828AF.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-09-04 04:11:44

Version Info:

FileDescription: Calling
LegalCopyright: Copyright (C) 2022, Crazy
OriginalFilename: Jungle
ProductsVersion: 57.5.29.95
ProductionVersion: 47.50.29.96
Translation: 0x25ac 0x0e92

Trojan:Win32/SmokeLoader!pz also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.SmokeLoader.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKD.70612133
FireEye: Generic.mg.284ec46a8277bda8
CAT-QuickHeal: Ransom.Stop.P5
Skyhigh: BehavesLike.Win32.Lockbit.dm
ALYac: Trojan.GenericKD.70612133
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005aafe61 )
Alibaba: Trojan:Win32/SmokeLoader.cfaee45c
K7GW: Trojan ( 005aafe61 )
Cybereason: malicious.78f4e3
Arcabit: Trojan.Generic.D43574A5
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HVKJ
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packer.pkr_ce1a-9980177-0
Kaspersky: HEUR:Trojan.Win32.Chapak.gen
BitDefender: Trojan.GenericKD.70612133
Avast: Win32:PWSX-gen [Trj]
Tencent: Trojan.Win32.Obfuscated.gen
Sophos: Troj/Krypt-VK
F-Secure: Trojan.TR/Crypt.Agent.kakul
DrWeb: Trojan.PWS.Stealer.34727
VIPRE: Trojan.GenericKD.70612133
TrendMicro: Trojan.Win32.SMOKELOADER.YXDK3Z
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.70612133 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Chapak.rrw
Varist: W32/Kryptik.LDY.gen!Eldorado
Avira: TR/Crypt.Agent.kakul
Antiy-AVL: Trojan/Win32.Caynamer
Kingsoft: Win32.Troj.Agent.cks
Microsoft: Trojan:Win32/SmokeLoader!pz
ZoneAlarm: HEUR:Trojan.Win32.Chapak.gen
GData: Trojan.GenericKD.70612133
Google: Detected
AhnLab-V3: Malware/Win.RansomX-gen.R625969
McAfee: Artemis!284EC46A8277
MAX: malware (ai score=85)
VBA32: BScope.Trojan.Yakes
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Trojan.Win32.SMOKELOADER.YXDK3Z
Rising: Trojan.SmokeLoader!1.EB63 (CLASSIC)
Ikarus: Trojan.Win32.Azorult
MaxSecure: Trojan.Malware.73643692.susgen
Fortinet: W32/GenKryptik.ERHN!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/SmokeLoader!pz?

Trojan:Win32/SmokeLoader!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.