Welcome back to this week’s Triage Thursday! In addition to our weekly update on malware detection, we have an important announcement to share. Starting today, samples submitted to tria.ge will use Windows 10 and Windows 11 by default. With the end of support for Windows 10 Home and Pro coming in October 2025, we have also added support for the latest Windows 10 LTSC in tria.ge.
Along with these updates, we are announcing the deprecation of Windows 7 sandboxes. More than 5 years after the Extended End of Service from Microsoft, Windows 7 has seen its market share drop significantly, and numerous programs [1] [2] and programming languages [1] [2] have dropped support for the OS. Windows 7 will be removed from tria.ge on March 31, 2025.
Windows 7 will remain available until the end of September 2025 in the Recorded Future Enterprise Sandbox for customers who require a legacy OS sandbox.
With that bit of news out of the way, let’s take a look at our detection updates this week:
New Families This Week
- Added detection and extraction for Triastealer, Android stealer
Updates for Existing Families
- Updated detection and extraction for Gh0strat family, Windows trojan
- Updated detection and extraction for the latest ValleyRat variant, Windows trojan
- Updated detection and extraction for a newer version of Ajina, Android banking trojan
- Updated detection and extraction for the x86 version of Meduza, Windows stealer
- Updated extractor to cover more Xloader, Android banking trojan
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.