Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection for Macoute, Windows worm
- Macoute sample:
- Added detection for Kawaii Unicorn, Windows trojan
- Kawaii Unicorn sample:
- Added detection for ChromElevator, Windows hacktool
- ChromElevator sample:
- Added detection for OctoRAT, Windows RAT
- OctoRAT sample:
- Added detection for PupyRAT, cross-platform RAT
- PupyRAT sample:
- Added detection for GoToResolve, Windows RMM tool
- GoToResolve sample:
- Added detection for Rustonotto, Windows backdoor
- Rustonotto sample:
- Added detection for EdgeStepper, Linux backdoor
- EdgeStepper sample:
- Added detection and extraction for Kalim, Windows backdoor
- Kalim sample:
- Added detection and extraction for RageStealer, Windows stealer
- RageStealer sample:
New Ransomware Detection
- Added detection for TeslaCrypt v1 and v2, Windows ransomware
- TeslaCrypt sample:
- Added detection for BlackHunt, Windows ransomware
- BlackHunt sample:
Updates for Existing Families
- Updated extraction for StealC x64 version traffic key
- StealC sample:
- Updated detection and extraction for a different version of ArkanixStealer, Windows stealer
- ArkanixStealer sample:
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.