Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.

New Families This Week

• Added extractor for AuraStealer family
  • AuraStealer samples:
    • 260122-scte2set4d
    • 260122-sctqtaet4h
    • 260122-sf8n5sew8f
• Added detection and extraction for DeVixor, Android banking trojan
  • DeVixor samples:
    • 260122-sf73lsew8e
    • 260122-sf7f3sew8d
• Added detection and extraction for CurlBackRAT, Windows RAT
  • CurlBackRAT sample:
    • 260122-scvccaet5d
• Added detection for XoriumStealer, Windows stealer
  • XoriumStealer sample:
    • 260122-sf6vjsew8c
• Added detection for EvelynStealer, Windows APT stealer
  • EvelynStealer samples:
    • 260122-scvm4set5e
    • 260122-sgwe7sex5d
• Added detection for Tonnerre, Windows APT backdoor
  • Tonnerre sample:
    • 260122-sf6jsaew7g
• Added detection for AmaqFinder, Windows APT loader
  • AmaqFinder sample:
    • 260122-scte2set4e
• Added detection for Foudre loader and backdoor, Windows APT malware
  • Foudre samples:
    • 260122-sj1spsey9g

Updates for Existing Families

• Updated detection for WraithNET
  • WraithNET sample:
    • 260122-sct2kset5b
• Updated detection for another variant of ArkanixStealer
  • ArkanixStealer sample:
    • 260122-sgwqzaex5e

If you have any feedback, questions, or issues about Triage feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.

You can find us directly through the website, or using the Feedback option on an analysis report page.

Not signed up yet? Head over to tria.ge to register for a free account.