Skip to content

Hide Navigation Hide TOC

Smoke Loader (2244253f-a4ad-4ea9-a4bf-fa2f4d895853)

Smoke Loader is a malicious bot application that can be used to load other malware. Smoke Loader has been seen in the wild since at least 2011 and has included a number of different payloads. It is notorious for its use of deception and self-protection. It also comes with several plug-ins. [Malwarebytes SmokeLoader 2016] [Microsoft Dofoil 2018]

Cluster A Galaxy A Cluster B Galaxy B Level
Phobos Ransomware Actors (f138c814-48c0-4638-a4d6-edc48e7ac23a) Tidal Groups Smoke Loader (2244253f-a4ad-4ea9-a4bf-fa2f4d895853) Tidal Software 1
Smoke Loader (2244253f-a4ad-4ea9-a4bf-fa2f4d895853) Tidal Software 8Base Ransomware Actors (00b45c13-d165-44d0-ad6b-99787d2a7ce3) Tidal Groups 1