
Threat Group Cards: A Threat Actor Encyclopedia

Tool: TinyLoader

Names: TinyLoader
Category: Malware
Type: Botnet, Downloader
Description: (Fidelis) Tinyloader has a few unique characteristics:

• It is, in fact, tiny — typically weighing in under 5 KB.
• Its command-and-control (C2) server runs on Microsoft Windows, which is fairly uncommon in malware today.
• Finally, it is extremely versatile due to its modular C2 mechanism. This mechanism allows the C2 server to pass custom bytecode directly into the running memory of the bot making it easy to load new malware or augment additional malicious behaviors.
Information:
<https://www.fidelissecurity.com/threatgeek/threat-intelligence/deconstructing-tinyloader/>
<https://www.proofpoint.com/us/threat-insight/post/AbaddonPOS-A-New-Point-Of-Sale-Threat-Linked-To-Vawtrak>
<https://www.proofpoint.com/us/threat-insight/post/abaddonpos-now-targeting-specific-pos-software>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.tinyloader>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:TinyLoader>

Last change to this tool card: 13 May 2020


All groups using tool TinyLoader

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | TA530 | [Unknown] | 2016-Nov 2016 |
| | Tiny Spider | [Unknown] | 2015-2017 |

2 groups listed (2 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
