Hey there! Welcome to our latest Triage Thursday blogpost. As always, we’ve added support for more malware families across several operating systems to our Triage sandbox, so we can now detect them, extract their C2 endpoints and other configuration, and help you research and hunt down newly discovered threats. If you happen to spot any sneaky threats that we may have missed, please don’t hesitate to give us a heads-up.
Let’s check out the cool new stuff we have this week!
New Families This Week
- Added detection and extraction for GuardZoo Android surveillanceware
- Added detection and extraction for Thunderkitty Stealer on Windows
- Added detection and extraction for Thunderkitty Ransomware on Windows
- Added detection and extraction for Mirai Moobot variant x64 family on Linux
- Added detection for Csharp Streamer trojan on Windows
- Added detection for Prince Ransomware family on Windows
Updates for Existing Behavioral Signatures
- Extended our behavioral detections based on the MITRE ATT&CK framework v15.1 for Windows to cover techniques from the Defense Evasion, Credential Access, Discovery, Lateral Movement, and Collection tactics
If you have any feedback, questions, or issues with Triage, feel free to reach out to us at any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your submitted files will go onto our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.