Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection and extraction for SarangTrap, Android infostealer
- SarangTrap sample:
- 251105-s3nmgsas2c sample:
- SarangTrap sample:
- Added detection and extraction for DoubleTrouble, Android banking trojan
- DoubleTrouble sample:
- Added detection and extraction for GhostGrab, Android banking trojan and cryptocurrency miner
- GhostGrab sample:
- Added detection for RGDoor, Windows backdoor
- RGDoor sample:
- Added detection for FrostyFerret family, macOS backdoor
- FrostyFerret sample:
- Added detection for Aisuru family, Linux botnet
- Aisuru sample:
- Added detection for Nighthawk family, Windows hacktool
- Nighthawk sample:
Updates for Existing Families
- Updated detection and extraction for SheetRat v.1.7 and higher
- SheetRat samples:
- Updated detection and extraction for new NGate variant, Android NFC-based Trojan
- NGate sample:
- Updated detection for MaksRat
- MaksRat sample:
- Updated detection for Aurastealer
- Aurastealer sample:
- Updated detection for DuplexSpyRAT
- DuplexSpyRAT sample:
- Updated detection for Umbral stealer
- Umbral sample:
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.