Welcome back to our Triage Thursday blog series! In these short posts we summarise the detection updates for the week so that you know which families are being looked at day to day.
As always, if you find any malware up to no good that we haven’t yet detected, please give us a heads-up. Your input is super helpful! Feel free to reach out to us any time directly through the website, or using the Feedback option on an analysis report page.
New Families This Week
- Added new rule for VSingle family
- Added new rule for YamaBot family
- Added new rule for SnowFlake stealer family
- Added new signature for SocGholish family
- Added new signature for GoldBackdoor of APT37
Updates for Existing Families
- Updated rules and extractor for recent PrivateLoader samples
- Updated DarkCloud extractor for recent missed samples
- Updated AgentTesla rules for undetected samples
- Updated extractors to cover recent samples of the Joker Android malware family
- Updated detection rule and signature for MedusaLocker variant
Not signed up yet? Head over to tria.ge to register for a free account.