Greetings! It’s Triage Thursday! We hope you’re looking forward to a great weekend ahead. As is customary, we’re here to provide you with the latest updates we’ve made to Triage during this week. We have added more detection for new versions of existing malware, more new families of malware, and included more behavioral signatures for macOS. We hope you find these updates useful!
Your feedback is valuable to us, so please do not hesitate to reach out to us if you find any issues or observe any dodgy links or malware that Triage may have missed.
Let’s check out what’s new this week:
New Families This Week
- Added detection and extraction for the XenoRat family
- Added detection and extraction for the Nexus banking trojan (also known as SOVA v5)
- Added detection and extraction for the WogRAT family
- Added extraction support for the Stealthworker botnet family
- Added detection for the Xehook stealer family
Updates for Existing Families
- Updated detection and extraction for the new version of Ahmyth Android RAT
- Fixed the StealC stealer condition to avoid false positives
Updates for Existing Behavioral Signatures
- Extended credential detection for macOS and updated description for all macOS TTPs
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
As always, feel free to reach out to us any time directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.