It’s Triage Thursday, which means the latest updates are here! In this blog series, we go over all the updates we’ve made to our lovely sandbox over the past week. We aim to help you stay up to date with the available features and latest detections for various malware families, and to get the most out of the sandbox. We hope you find these updates useful!
New Families This Week
- Added detection and extraction for Amos stealer, a macOS stealer
- Added detection and extraction for SpinOk Android spyware
- Added detection and extraction for the Dinodas family
- Added detection for the Ducktail stealer family
- Added detection for GoldDigger Android banking trojan
Updates for Existing Families
- Updated detection for the new Mystic stealer variant
- Updated detection and extractor for the new Darkgate variant
- Updated detection and extraction for recent Phemedrone stealer samples
- Updated Gigabud by removing signature to avoid FP with GoldDigger family
- Fixed issues with Redline FP and Bumblebee description
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can contact us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.