Happy Thursday and get ready for this week’s edition of our Triage Thursday blog series. This week, we’re gearing up to roll out updates for a range of families that have been active recently. Plus, we’ve got more behavioral signature updates for Linux coming your way. We hope you find these updates helpful. Exciting things are coming soon, so stay tuned for more updates!
New Families This Week
- Added detection and extraction for NGate, Android malware
- Added detection and extraction for TrickMo family, Android banking trojan
- Added detection and extraction support for Cryptbot recent variant, Windows infostealer
- Added detection for Macma aka CDDS family, macOS backdoor
- Added detection for Fredy family, Windows infostealer
- Added detection for Risen, Windows ransomware
Updates for Existing Families
- Updated extraction support for Meduza for pre-decrypted payloads
Updates for Existing Behavioral Signatures
- Extended Execution and Privilege Escalation technique coverage for Linux, based on MITRE ATT&CK v15.1
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.