Hey there and welcome to another exciting Triage Thursday blog post! We’re thrilled to share all the latest updates we’ve rolled out over the past week with you in this series, so stay tuned!
If you find any malware we may have missed, please give us a shout. Your help keeps our radar up to date and makes the world safer. Thanks for being part of our community!
Let’s get started and see what’s new:
New Families This Week
- Added detection and extraction for the Urelas trojan family
- Added detection, signature and extraction for the Neconyd trojan
- Added detection for Android Metasploit payload generated with msfvenom
- Added detection for WHIRLPOOL Linux family
- Added detection for SALTWATER Linux family
- Added detection for Blankgrabber Python family
- Added detection for Creal Stealer Python family
Updates for Existing Families
- Added support for fallback detection and for extracting the Xworm version number
- Updated Luca stealer rules and extractor for recent samples
- Updated rules and extractor of Lumma stealer for recent samples
- Updated and fixed a couple of missed meta sections, deleted the Prometei fallback detection for Windows, deleted StealC botnet
As always, if you find any interesting samples not behaving as expected, feel free to reach out to us any time directly through the website or by using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.