Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection for FlyAgent family, Windows backdoor
- FlyAgent samples:
- Added detection for ThemeForestRAT family, Windows, macOS and Linux cross-platform stealer
- ThemeForestRAT samples:
- ThemeForestRAT Windows:
- ThemeForestRAT Linux:
- ThemeForestRAT macOS:
- Added detection for PondRat family, a Windows and Linux cross-platform RAT
- PondRat samples:
- PondRat Windows:
- PondRat Linux:
- Added detection for FireWood family, Linux backdoor
- FireWood samples:
- Added detection for ProjectWood family, Windows backdoor
New Ransomware Detection
- Added detection for BlackNevas, Windows and Linux ransomware
- BlackNevas samples:
- BlackNevas Windows:
- BlackNevas Linux:
- Added detection for BlackLock, Windows ransomware
- BlackLock samples:
- Added detection for Gentlemen, Windows ransomware
- Gentlemen samples: 250925-salx7azzhw
Updates for Existing Families
- Updated detection and extraction for SVCStealer/Diamotrix Clipper, Windows stealer
- SVCStealer samples:
- Updated detection and extraction for the latest Vidar version, v.15.x
- Vidar samples:
- Updated detection for AMOS stealer, aka Atomic stealer, macOS stealer
- Updated extractor for DestinyStealer malware
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.