Welcome back to our Triage Thursday blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware family detections that have been added.
New Families This Week
- Added detection and extraction for Amnesia, Android RAT
- Amnesia sample:
- Added detection for DarkSideRAT, Windows RAT
- DarkSideRAT sample:
- Added detection for Neoreklami family, Windows adware
- Neoreklami sample:
- Added detection for Defendnot, an open-source tool to disable Microsoft Defender
- Defendnot sample:
- Added detection for Suterusu module, Linux rootkit module
- Suterusu sample:
- Added detection for HCRootKit family, Linux rootkit
- HCRootKit sample:
- Added detection for APERETIF, Windows trojan
- APERETIF sample:
- Added detection for BUFFETLINE malware, Windows RAT
- BUFFETLINE sample:
- Added detection for TheMoon multi-arch botnet family, Linux botnet
- TheMoon sample:
Added detection for Windows stealers:
- VenomStealer sample:
- SentinelStealer sample:
- Ultimate sample:
- FakeStealer sample:
- Armageddon sample:
- 420Stealer sample:
- Allard sample:
- DoctorStealer sample:
- DimensionStealer sample:
- CheapStealer sample:
- XenoStealer sample:
- N0b0dyStealer sample:
Added Ransomware Family This Week
- GreenBlood sample:
Updates for Existing Families
- Updated detection for RisePro family, C# variant
- RisePro sample:
- Updated detection for Unix_stealer, another variant
- Unix_stealer sample:
- Updated detection for Predator stealer, another version
- PredatorStealer sample:
If you have any feedback, questions, or issues about Triage, feel free to reach out to us any time. We do our best to respond to all feedback, but even if we can’t get back to you straight away, your files will go into our list of things to review and help us prioritize tasks.
You can find us directly through the website, or using the Feedback option on an analysis report page.
Not signed up yet? Head over to tria.ge to register for a free account.