Welcome to our Triage Thursday blog series, where we cover the updates made to the sandbox during the past week. This week’s updates aim to detect recent and emerging malware families. They include detection rules and configuration extraction, which simplify the process of hunting down malware and C2.
New Families This Week
- Added detection rule for LightSpy spyware
- Added detection rule for SoumniBot Android banking trojan
- Added detection rule for SSLoad family
- Added detection rule for Cinoshi family
- Added detection rule for HijackLoader aka IDATLoader family
Updates for Existing Families
- Updated extraction for RisePro stealer and behavioral fallback detection for PrivateLoader family
- Updated extraction for Masepie malware to support domain extraction
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.