ThreatLabz has developed a tool named SmokeBuster to detect, analyze, and remediate infections.
SmokeBuster supports 32-bit and 64-bit instances of SmokeLoader and versions 2017-2022. The tool is compatible with Windows 7 to Windows 11.
SmokeLoader is a malware downloader that originated in 2011. The malware is primarily designed to deliver second-stage payloads, which include information stealers and ransomware.
Despite a major disruption by Operation Endgame in May 2024, SmokeLoader continues to be used by numerous threat groups largely due to numerous cracked versions publicly available on the internet.
The last four versions of SmokeLoader contain coding flaws that significantly impact an infected system’s performance.
