Happy Thursday! It’s that time of the week again when we share our latest updates. As usual, we’ve got a few new families on Triage, and some improvements to existing, familiar ones.
Check out the list of content below to see what’s new:
New Families This Week
- Added detection and extraction for a new family called Status Recorder
- Added detection and extraction for ToxicEye RAT
- Added detection and extraction for MMRat Android banking trojan
- Added detection and extraction for BadBazaar Android malware family
- Added detection and extraction for SuperBear RAT
- Added detection and extraction for QuiteRAT
- Added detection and extraction for SteamHide family
- Added detection and extraction for Prometei’s Windows version
- Added detection for Poverty Stealer family
Updates for Existing Families
- Added extraction support for the x64 version of the Truebot family
- Added fallback detection for the recent version of Gurcu stealer
- Updated behavioral IOCs for Prometei ELF backdoor
- Fixed meta section for Strrat and Kraken, and added http in Amadey C2 extraction
As always, if you find any interesting samples not behaving as expected, feel free to reach out to us any time, either directly through the website or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.