Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.

New Families This Week

• Added detection and extraction for ArkanixStealer
  • ArkanixStealer sample:
    • 251128-f4dsfsxjgy
• Added detection and extraction for ValkyrieStealer, Windows stealer
  • ValkyrieStealer sample:
    • 251128-f4d38a1lap
• Added detection and extraction for Snojan, Windows downloader
  • Snojan sample:
    • 251128-f4edzs1laq
• Added detection and extraction for AngryStealer, Windows stealer
  • AngryStealer sample:
    • 251128-f4e1hsxjgz
• Added detection and extraction for AtlasAgent, Windows trojan
  • AtlasAgent sample:
    • 251128-f4fbaaxjg1
• Added detection and extraction for Sturnus, Android banking trojan
  • Sturnus sample:
    • 251128-f4fl2sxjhs
• Added detection and extraction for Fadok family, Windows worm
  • Fadok sample:
    • 251128-f4fxta1lbj
• Added detection for RapidStealer, Windows stealer
  • RapidStealer sample:
    • 251128-f4jcyaxjhw
• Added detection for Hiddenz’s HVNC, Windows RAT
  • Hiddenz’s HVNC sample:
    • 251128-f4ckds1lam
• Added detection for Shodi family, Windows worm
  • Shodi sample:
    • 251128-f9y1ksxkdx
• Added detection for SoulClose family, Windows worm
  • SoulClose sample:
    • 251128-f4j98sxjhy
• Added detection for Earthworm family, cross-platform hacktool
  • Earthworm sample:
    • 251128-f4kk1axjhz
• Added detection for Fesber family, Windows worm
  • Fesber sample:
    • 251128-f4kwrsxjh1
• Added detection for VioletWorm family, Windows worm
  • VioletWorm sample:
    • 251128-f4k7jaxkas
• Added detection for Fasong family, Windows worm
  • Fasong sample:
    • 251128-f4lhasxkat
• Added detection for Duptwux family, Windows worm
  • Duptwux sample:
    • 251128-f4ls3a1lbl
• Added detection for Sasser family, Windows worm
  • Sasser sample:
    • 251128-f4ls3axkav
• Added detection for Swisyn family, Windows worm
  • Swisyn sample:
    • 251128-f4l4ts1lbm
• Added detection for Sohanad family, Windows worm
  • Sohanad sample:
    • 251128-f98vsa1lgm
• Added detection for PoisonIvy, Windows RAT
  • PoisonIvy sample:
    • 251128-f4melaxkaw
• Added detection for Vilsel, Windows trojan
  • Vilsel sample:
    • 251128-f4mela1lbn

New Ransomware Detection

• Added detection for Wormlock family, Windows ransomware
  • Wormlock sample:
    • 251128-f4mqcsxkax

Updates for Existing Families

• Updated detection and extraction for MaskGramStealer, Windows stealer
  • MaskGramStealer sample:
    • 251128-ge1flahr4y
• Updated extraction for ClayRat, Android spyware
  • ClayRat sample:
    • 251128-f4nbwsxkay

If you have any feedback, questions, or issues about Triage feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.

You can find us directly through the website, or using the Feedback option on an analysis report page.

Not signed up yet? Head over to tria.ge to register for a free account.