Blog.

Welcome back to our Triage Thursday™ blog series! We’re excited to share this week’s detection updates with you. In these quick posts, we highlight the latest malware families detections that have been added.

New Families This Week

• Added detection and extraction for W1Kstealer, Windows stealer
  • W1Kstealer sample:
    • 260428-krc3lsa12r
• Added detection and extraction for StubWorm RAT, Windows RAT
  • StubWorm sample:
    • 260424-jepefabv6z
• Added detection and extraction for AgarthaX family, Windows stealer
  • AgarthaX sample:
    • 260424-jddasacw3k
• Added detection and extraction for Fletchen stealer, Windows stealer
  • Fletchen sample:
    • 260424-jd5d9sbv5t
• Added detection for Shellter trojan, Windows trojan
  • Shellter sample:
    • 260428-rrgt5aax3w sample:
• Added detection for ApolloShadow, Windows loader
  • ApolloShadow sample:
    • 260424-jd7jmacw6p
• Added detection for Veletrix malware, Windows loader
  • Veletrix sample:
    • 260424-jd7jmabv51
• Added detection for Amonetize family, Windows adware
  • Amonetize sample:
    • 260424-jd44hacw5r
• Added detection for DEFENSOR ID, Android banking trojan
  • DEFENSORID sample:
    • 260424-jd4gzacw5n
• Added detection for DroidKungFu, Android trojan
  • DroidKungFu sample:
    • 260424-jd4sqscw5q
• Added detection for DawDropper, Android banking dropper
  • DawDropper sample:
    • 260428-rysvzaay5s
• Added detection for CometBot, Android banking trojan
  • CometBot sample:
    • 260424-jd4sqsbv41
• Added detection for Clipper, Android trojan
  • Clipper sample:
    • 260424-jd4gzacw5p
• Added detection for Catelites, Android trojan
  • Catelites
• Added detection for CarbonSteal, Android surveillanceware
  • CarbonSteal sample:
    • 260424-jd29xacw5j
• Added detection for Mirax, Android RAT
  • Mirax
• Added detection for Perseus, Android banking trojan
  • Perseus sample:
    • 260424-jd756acw7j
• Added detection for ASO, Android RAT
  • ASO
• Added detection for Dvmap, Android rooting malware
  • Dvmap sample:
    • 260424-jd3wfacw5m
• Added detection for Phoenix, Android RAT
  • Phoenix sample:
    • 260428-rzrpasew4n
• Added detection for Shifu, Windows banking trojan
  • Shifu sample:
    • 260424-jd2y5scw4q
• Added detection for RotaJakiro, Linux backdoor
  • RotaJakiro sample:
    • 260424-jd8fxscw7k

Detection for suspicious tools

• Added detection for AureliaLoader installer sample:
  • 260424-jd51ssbv5v
• Added detection for HeartCrypt packer, Windows PaaS packer sample:
  • 260428-seg5ssbs3z
• Added detection for AdFind hacktook, Windows hacktool sample:
  • 260424-jd6mbsbv5x

Added Ransomware Family This Week

• Clearwater sample:
  • 260424-jd8fxsbv6s
• 8Base sample:
  • 260424-jd6bkacw6l
• Abyss sample:
  • 260424-jd44habv5s
• Adhubllka
• Charger sample:
  • 260424-jd6x4acw6n

If you have any feedback, questions, or issues about Triage™ feel free to reach out to us any time - we do our best to respond to all feedback but even if we can’t get back to you straight away your files will go into our list of things to review and help us prioritize tasks.

You can find us directly through the website sample:, or using the Feedback option on an analysis report page.

Not signed up yet? Head over to tria.ge sample: to register for a free account.