Welcome back to another Triage Thursday! We’re excited to update you on the latest improvements we’ve made to our lovely Triage sandbox over the past week. We’ve added a couple of new malware families and updated the existing ones to cover the latest samples. Additionally, we’ve included more behavioral signatures for Android to catch more sneaky behavior.
If you have any thoughts or feedback for us, please do not hesitate to let us know, and we will be more than happy to help you out.
So, let’s dive in and check out what’s new this week!
New Families This Week
- Added detection and extraction for the Apollo family
- Added detection and extraction for Tinyturl-NG malware
- Added detection for XZutil malware related to CVE-2024-3094
- Added detection for Expiro backdoor
Updates for Existing Families
- Updated extractor for Jupyter for recently extracted samples
- Added behavioral signature for the Vultur Android dropper
Updates for Existing Behavioral Signatures
- Added more Android signatures and TTPs for collection, discovery, and anti-VM tactics
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.