Welcome to Triage Thursday! We are excited to bring you our weekly family and signature changelog for the first Triage Thursday of December. This is where we update you on the latest detection updates, developments, and improvements made to Triage over the past week. We hope you find this information helpful.
Check out what we’ve got for you this week below!
Not signed up yet? Head over to tria.ge to register for a free account.
New Families This Week
- Added detection and extraction for Socks5Systemz family
- Added detection and extraction for SmsAgent Android malware
- Added detection for Wipelock Android malware family
- Added detection for old undetected Emotet trojan/banker version
- Added detection for MacaMax family
Updates for Existing Families
- Updated extraction support for version number of Darkgate family
- Updated detection for Lumma stealer version 4.x
- Updated extraction for Raccoon V2 recent samples
Updates for Existing Behavioral Signatures
- Extended evasion and execution TTPs for macOS T1497.001 and T1569.001
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
As always, feel free to reach out to us any time directly through the website, or using the Feedback option on an analysis report page.