Skip to main content
Skip to main content
Microsoft Security Intelligence
Published Dec 14, 2023 | Updated Mar 12, 2024


Detected by Microsoft Defender Antivirus

Aliases: No associated aliases


This is a detection of a bot used to load other malware families. It also contains a list of command-and-control (C2) servers to connect back to.

For information about Smokeloader and other human-operated malware campaigns, read these blog posts: 

Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Follow us