ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Tyupkin

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Tyupkin

NamesTyupkin
Padpin
CategoryMalware
TypeATM malware
Description(Lastline) For today’s case study, we use a Tyupkin malware sample, a .Net application for bank automated teller machines (ATM) running on the Microsoft Windows operating system. Tyupkin’s aim is to steal cash by sending a specific command to the cash dispenser of the compromised ATM. During the analysis, our sandbox will trick the malware into believing that our analysis environment is an ATM itself. We will achieve this by submitting our sample bundled with a few specific DLLs that provide programmer’s interfaces to a Windows-based ATM, Extensions for Financial Services (XFS).
Information<https://www.lastline.com/labsblog/tyupkin-atm-malware/>
<https://archive.f-secure.com/weblog/archives/00002751.html>
<https://securelist.com/tyupkin-manipulating-atm-machines-with-malware/66988/>
<https://www.atmmarketplace.com/articles/can-the-atm-industry-stop-tyupkin-in-its-tracks/>
<https://documents.trendmicro.com/assets/white_papers/wp-cashing-in-on-atm-malware.pdf>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.tyupkin>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:tyupkin>

Last change to this tool card: 25 May 2020

Download this tool card in JSON format

All groups using tool Tyupkin

ChangedNameCountryObserved

Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]