Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection and extraction for Datzbro, Android banking trojan
- Datzbro sample:
- Added detection and extraction for Systex, Windows trojan loader
- Systex samples:
- Added detection and extraction for Kittysocks5 family, Linux botnet
- Added detection and extraction for Airashi family, Linux botnet
- Airashi samples:
- Added detection for PhantomVAI aka VMDetectLoader, CaminhoLoader family, Windows loader
- PhantomVAI samples:
- Added detection for CalypsisStealer, Windows stealer
- CalypsisStealer sample:
- Added detection for NovaShadow, Windows stealer
- NovaShadow samples:
- Added detection for PoolRAT, cross-platform trojan
- PoolRAT samples:
- Added detection for ZhongStealer family, Windows stealer
- Added detection for PylangGhost, Python-based RAT
- Added detection for HiatusRAT family, Linux RAT
- HiatusRAT samples:
- Added detection for ZuoRAT malware, Linux RAT
- ZuoRAT samples:
- Added detection for Spawnsnare exploit utility, Linux exploit
- Spawnsnare sample:
Updates for Existing Families
- Updated detection and extraction for Vidar v16.x
- Vidar samples:
- Updated detection and extraction for latest CrimsonRat, Windows RAT
- CrimsonRat samples:
- Updated detection for MythStealer, latest Java variant
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.