Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection and extraction for XBinder, Windows crypter and loader
- XBinder sample:
- Added detection and extraction for KeepSpy, Android spyware
- KeepSpy sample:
- Added detection and extraction for MDKOOR loader, Windows loader
- MDKOOR sample:
- Added detection for VortexStealer, Windows stealer
- VortexStealer sample:
- Added detection for MarcoStealer, Windows stealer
- MarcoStealer sample:
- Added detection for SpockStealer, Windows stealer
- SpockStealer sample:
- Added detection for SentinelRAT, Windows RAT
- SentinelRAT sample:
- Added detection for BozokRAT family, Windows RAT
- BozokRAT sample:
- Added detection for BlueBot family, Windows botnet
- BlueBot sample:
- Added detection for Firseria family, Windows adware
- Firseria sample:
- Added detection for Lunam family, Windows trojan
- Lunam sample:
- Added detection for CryotoDef family, Windows trojan
- CryotoDef sample:
Added Worm Families This Week
Added Ransomware Families This Week
- Reynolds sample:
- Uniwinnicrypt sample:
Updates for Existing Families
- Updated detection for ToneIns to include ToneShell backdoor
- ToneShell sample:
- Updated detection for the latest campaign of the RondoDox botnet
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.