Welcome back to our Triage Thursday blog series. In this series, we provide a quick rundown of all the updates made to the sandbox over the past week. Today we will cover several malware families and some UI enhancements on the sample submission page. Let’s get started!
UI enhancements
We’ve made several improvements to the UI of our submission page layouts. These enhancements aim to make it a bit easier on the eye and provide a more intuitive navigation experience.
- The Analyze button will always be at the bottom of the page
- The File Tree section and Submission section are separated
- URLs extracted from PDF files will be separated from the File Tree section
We would greatly appreciate any feedback you have, so please don’t hesitate to share your thoughts with us.
What follows is our weekly malware family update for you. Please enjoy!
New Families This Week
- Added detection for the new RisePro variant and separated it from PrivateLoader detection and extraction
- Added detection rules for TigerRAT family
- Added detection rules and extractor for XWorm version 5.0 samples
Updates for Existing Families
- Updated detection rules for another variant of Gurcu stealer
- Updated detection rules for recent undetected Irata Android samples
- Updated detection rules to cover more AhMyth Android RAT samples
- Updated detection and extractor for the 2023 version of the CapraRAT Android RAT used by APT36
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can contact us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account!