Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 32-bit Windows platform, family Etset
Trojan:Win32/Etset!rfn is a concrete detection for the SmokeLoader malware, a trojan that acts as a backdoor to download and install additional malicious payloads. Its primary function is to give attackers a foothold on the system to deploy more dangerous threats like ransomware, banking trojans, or cryptocurrency miners.
No detailed analysis available from definition files.
c88f2448efa77d4ba9393392cc48af741ef1a700701fe26607f9d577fb840a37d7a3b5c8370a3b1546f92461aca8d6a85a8e391b78288baa342617c52cc173119c89dc4db1b0597958369bb98481a80df4979f3250e37da0c5cf14903cd46f616351219d4cf4f4ceeeba01f6b79a4ae6393508cf9e128e53c70545682819d76ebfda142bc5c44913eed9ef1cf2a8ad07b7a71312a26e4c7c519bf1a3fedeb6a0Immediately isolate the affected machine from the network. Use Windows Defender to remove the threat, then perform a full system scan to find any secondary payloads. Due to its nature as a loader, consider the system fully compromised and reimage it from a known-good backup.