Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added extraction support for Acreed family, Windows stealer
- Acreed sample:
- Added detection and extraction for DesckVBRAT, Windows RAT
- DesckVBRAT sample:
- [260303-jv7kyshs3b](https://tria.ge/260303-jv7kyshs3b)
- DesckVBRAT sample:
- Added detection for BlueDelta RTF files exploiting CVE-2026-21509
- CVE-2026-21509 sample:
- Added detection for Juko family, Windows trojan
- Juko sample:
- Added detection for Padodor family, Windows trojan
- Padodor sample:
- Added detection for Bundpil family, Windows worm
- Bundpil sample:
- Added detection for SilentRaven, Java-based infostealer
- SilentRaven sample:
- Added detection for PromptSpy, Android spyware
- PromptSpy sample:
- Added detection for SweetPotato and LocalPotato, Windows privilege escalation tools
- SweetPotato sample:
- LocalPotato sample:
- Added detection for LaZagne, Windows hacktool
- LaZagne sample:
- Added detection for HorseShell, Linux trojan
- HorseShell sample:
- Added detection for VirtualGate malware, Windows backdoor
- VirtualGate sample:
- Added detection for J-Magic family, Linux backdoor
- J-Magic sample:
- Added detection for OxyPumper family, Windows adware
- OxyPumper sample:
- Added detection for Pitou family, Windows bootkit
- Pitou sample:
- Added detection for PDQconnect, remote admin tool
- Added detection for Neutrino family, Windows trojan
- Neutrino sample:
- Added detection for DynamicStealer, Java-based trojan
- DynamicStealer sample:
- Added detection for Massiv, Android banking trojan
- Massiv sample:
- Added detection for MiniDuke, Windows backdoor
- MiniDuke sample:
- Added detection for AnyPdf family, Windows backdoor
- AnyPdf sample:
- Added detection for IronZero malware, Windows wiper
- IronZero sample:
- Added detection for PulsePack malware, Windows backdoor
- PulsePack sample:
Added detection for the following Windows stealers and RATs:
- Oxil sample:
- Phantom sample:
- Vryxen sample:
- RatonRAT sample:
- GrobRAT sample:
- SirkeiraStealer sample:
- CobianRAT sample:
- LuishiRAT sample:
- HorusEyesRAT sample:
Added ransomware families:
- PromptLock sample:
- Buhti sample:
- Cephalus sample:
Updates for Existing Families
- Updated detection and extraction for Lumma latest variant
- Lumma sample:
- Updated detection for StealC latest variant
- StealC sample:
- Updated detection for the ConnectWise family
- trustconnect sample:
- softconnect sample:
- hardconnect sample:
- docconnect sample:
- Axiscontrol sample:
- Updated detection for SparkRAT, Windows RAT
- SparkRAT sample:
- Updated detection for GenesisStealer, Windows stealer
- GenesisStealer sample:
- Updated detection for RapidStealer, Windows stealer
- RapidStealer sample:
- Updated detection for PUBLOAD latest samples
- PUBLOAD sample:
- Updated detection and extraction for TONESHELL backdoor
- TONESHELL sample:
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.