It’s Thursday, folks! Time for Triage Thursday, where we check out the latest and most annoying malware trying to sneak into our digital world. These threat actors can be pretty sneaky, but we are on it!
Let’s catch up on the latest threats and share some awesome new updates we’ve come up with just for you. We want to keep things simple, using every trick in the book to tackle the bad guys who are up to no good.
Let’s see what’s new for you this week!
New Families This Week
- Added extractor for Aurotun family, Windows stealer
- Aurotun Analysis
- Added detection and extraction for LClipper family, Windows stealer
- LClipper Analysis
- Added detection for Hailbot ARM version
- Hailbot Analysis
- Added detection for RondoDox family, Linux botnet
- RondoDox Analysis
- Added detection for FaceFish malware, Linux rootkit
- FaceFish Analysis
- Added detection for ValleyRat’s PyInstaller-packed script
- ValleyRat Analysis
- Added detection for VenusStealer, Python-based infostealer
- VenusStealer Analysis
Updates for Existing Families
- Updated detection and extraction for recent undetected StealC x64 samples
- StealC Analysis
- Updated detection and extraction for new Umbral variant
- Umbral Analysis
- Updated detection for PyInstaller with built-in UPX compressed tag
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.