Blog.

Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.

New Families This Week

• Added extraction support for Vidar v16.9 and higher
  • Vidar samples:
    • 260313-vjnjgsd18v
    • 260313-vsqp7sgx3p
• Added detection for KeyzetsuClipper, Windows stealer
  • KeyzetsuClipper sample:
    • 260313-vh45vad14v
• Added detection for Waski family, Windows downloader
  • Waski sample:
    • 260313-vjnt9ad18z
• Added detection for KarstoRAT malware, Windows RAT
  • KarstoRAT sample:
    • 260313-vjn51sd181
• Added detection for ProstoClipper, Windows stealer
  • ProstoClipper sample:
    • 260313-vjnt9ad18x
• Added detection for Taidoor aka Simbot family, Windows trojan
  • Taidoor sample:
    • 260313-vjmbesgs8k
• Added detection for ProcessHider, Linux rootkit
  • ProcessHider samples:
    • 260313-vjp3bagt2j
    • 260313-vjnt9ags9k
• Added detection for WallStealer family, Windows stealer
  • WallStealer sample:
    • 260313-vjld5ags7q
• Added detection for Infinilate malware, Windows loader
  • Infinilate sample:
    • 260313-vjnt9ad18y
• Added detection for ShinobuClipper family, Windows clipper
  • ShinobuClipper sample:
    • 260313-vjqnvagt2l
• Added detection for BrowserSnatch, Windows hacktool
  • BrowserSnatch sample:
    • 260313-vjl1nags8j

Added detection for Windows stealer:

• AlabaiStealer sample:
  • 260313-vjk4csd16w
• CamfrogStealer sample:
  • 260313-vjpfsags9n
• Crime24Stealer sample:
  • 260313-vjnjgsgs9j
• BKAStealer sample:
  • 260313-vjpfsags9p
• HogStealer sample:
  • 260313-vjp3bags9r
• GrowStealer sample:
  • 260313-vjprjsgs9q
• KishiStealer sample:
  • 260313-vjmbesd17t
• NekoStealer sample:
  • 260313-vjlpwsgs7r
• IRtehStealer sample:
  • 260313-vjkslags7p
• RapzoStealer sample:
  • 260313-vjprjsd19x
• W33dyStealer sample:
  • 260313-vjld5ad16x

Added Ransomware Families This Week

• Apos sample:
  • 260313-vjqc3sd191
• Seven sample:
  • 260313-vjmbesd17v
• BlackSnake sample:
  • 260313-vvqszsex7v

If you have any feedback, questions, or issues about Triage feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.

You can find us directly through the website, or using the Feedback option on an analysis report page.

Not signed up yet? Head over to tria.ge to register for a free account.