Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.
New Families This Week
- Added detection and extraction for CastleRat family, Windows trojan
- Added detection and extraction for RatOn, Android malware
- RatOn samples:
- Added detection for ZynorRat family, a cross-platform trojan
- ZynorRat
- Windows variant:
- Linux variant:
- Added detection for FinalDraft family, a cross-platform trojan
- FinalDraft
- Windows variant:
- Linux variant:
- Added detection for DogeStealer a NodeJS family, Windows stealer
New Ransomware Detection
- Added detection for Cloak ransomware
- Cloak samples:
- Added detection for Cyborg ransomware
- Cyborg samples:
- Added detection for Kawalocker ransomware
- Kawalocker samples:
- Added detection for Mamona ransomware
- Mamona samples:
- Added detection for Sarcoma ransomware
- Sarcoma samples:
- Added detection for Nova ransomware
- Nova Ransomware samples:
- Added detection for Petya ransomware
- Petya samples:
Updates for Existing Families
- Updated detection and extraction for Smokeloader v.2025 alpha
- Updated detection for Lockbit v5.0 ransomware
- Lockbit samples:
We truly appreciate your help! If you spot any malware that we might have missed, please don’t hesitate to give us a shout. Your insights are super helpful! You can reach out anytime through our website or by clicking the Feedback option on an analysis report page. Thanks for being a part of our community!
If you have any feedback, questions, or issues about Triage feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.