Welcome back to Triage Thursday! We’re here to keep you up-to-date with the latest updates we’ve made to Triage in the past week. We’ve added some new malware families as well as updated existing ones to cover the latest samples. Also, we’ve included more behavioral signatures for macOS and Android to catch more sneaky behavior.
As always, if you find anything weird, do let us know, and we’ll do our best to help you out.
Now, let’s dive in and see what’s new this week:
New Families This Week
- Added detection and extraction for Observer Stealer family
- Added detection and extraction for Kamran Android spyware
- Updated detection for Pikabot unextracted variant and added extraction for Beta version 1.8.32
Updates for Existing Families
- Updated detection for Qakbot V5 to detect recent samples
Updates for Existing Behavioral Signatures
- Extended signature for macOS to detect evasion, execution, and persistence techniques
- Extended signature for Android to detect collection techniques and updated MITRE ATT&CK technique ID
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can contact us directly through the website, or by using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.