Welcome to another Triage Thursday blogpost, where we go over the updates deployed over the last week. We’re thrilled to keep you in the loop with the most recent updates in our malware detection and configuration extractions. Of course, if you spot any suspicious files that have slipped under our radar, do let us know.
New Families This Week
- Added detection and extraction for the DarkGate stealer family
- Added new rule and extractor for Agniane stealer
- Added new rule and extractor for Astasia loader
- Added detection rules for Mandrake Android spyware family
- Added detection for a new variant of Gurcu stealer and updated the rules and extraction for older versions
Updates for Existing Families
- Updated detection rules for Irata to cover more recent samples
- Fixed the Raccoon extractor to avoid alphabetic characters in the C2 suffix
- Fixed extraction issue with recent samples
If you have any feedback, questions, or issues regarding the sandbox, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you, your files will go into our list of things to review and help us prioritize tasks.
You can contact us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account!