Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.

New Families This Week

• Added detection for DroidLock, Android malware
  • DroidLock sample:
    • 260111-j4ypeaex6c
• Added detection and extraction for SeedSnatcher, Android malware
  • SeedSnatcher sample:
    • 260111-j4zayaex6e
• Added detection and extraction for FvncBot, Android banking trojan
  • FvncBot sample:
    • 260111-j7klysey2h
• Added detection for SantaStealer, Windows stealer
  • SantaStealer sample:
    • 260111-j42fasex6h
• Added new detection for FuckFBI, ransomware
  • FuckFBI sample:
    • 260111-j43ncsex7f
• Added new detection for HelloXD, ransomware
  • HelloXD sample:
    • 260111-j43y5aex7g
• Added new detections for LittleDaemon, loader
  • LittleDaemon sample:
    • 260111-j43y5aex7h
• Added new detection for Sh1nySp1d3r, ransomware
  • Sh1nySp1d3r sample:
    • 260111-j44knaex8a
• Added new detection and extraction for MooBot, Linux botnet
  • MooBot sample:
    • 260111-j44wesex8b

Updates for Existing Families

• Updated detection for ChromElevator, Windows hacktool
  • ChromElevator sample:
    • 260111-j41trsex6g
• Updated detection for x64 variant of DonutLoader, Windows loader
  • DonutLoader sample:
    • 260111-j42q3aex7a
• Updated detection for Amadey x64 v5.73
  • Amadey sample:
    • 260111-j422tsex7b
• Updated detection for VanillaRAT, Windows RAT
  • VanillaRAT sample:
    • 260111-j43claex7d

If you have any feedback, questions, or issues about Triage feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.

You can find us directly through the website, or using the Feedback option on an analysis report page.

Not signed up yet? Head over to tria.ge to register for a free account.