Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection and extraction for Konfety, Android adware
- Konfety samples:
- Added detection and extraction for Klopatra, Android banking trojan
- Klopatra sample:
- Added detection for MythicApollo, Windows backdoor agent
- Added detection for NSPX30, Windows backdoor
New Ransomware Detection
- Added detection for FunkLocker, Windows ransomware
- FunkLocker sample:
- Added detection for WhiteLock, Windows ransomware
- WhiteLock sample:
Updates for Existing Families
- Updated detection and extraction for GhostSocks latest samples
- GhostSocks sample:
- Updated detection and extraction for Vidar latest obfuscated variant
- Vidar samples:
- Updated extraction for PhantomCard, Android NFC-based trojan
- PhantomCard sample:
- Updated detection for AmosStealer aka AtomicStealer family, macOS stealer
- Updated detection for CleanupLoader aka OysterLoader
- Updated detection for ArcaneStealer, Windows stealer
- ArcaneStealer sample:
- Updated detection for Mimilove, part of Mimikatz
- Mimikatz sample:
If you have any feedback, questions, or issues about Triage, feel free to reach out to us at any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.