Names | TinyLoader
Category | Malware
Type | Botnet, Downloader
Description | (Fidelis) Tinyloader has a few unique characteristics • It is, in fact, tiny — typically weighing in under 5 KB. • Its command-and-control (C2) server runs on Microsoft Windows, which is fairly uncommon in malware today. • Finally, it is extremely versatile due to its modular C2 mechanism. This mechanism allows the C2 server to pass custom bytecode directly into the running memory of the bot making it easy to load new malware or augment additional malicious behaviors.
Information | <https://www.fidelissecurity.com/threatgeek/threat-intelligence/deconstructing-tinyloader/> <https://www.proofpoint.com/us/threat-insight/post/AbaddonPOS-A-New-Point-Of-Sale-Threat-Linked-To-Vawtrak> <https://www.proofpoint.com/us/threat-insight/post/abaddonpos-now-targeting-specific-pos-software>
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.tinyloader>
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:TinyLoader>
Last change to this tool card: 14 May 2020
Changed | Name | Country | Observed
APT groups
 | TA530 | [Unknown] | 2016-Nov 2016
Other groups
 | Tiny Spider | [Unknown] | 2015-2017
2 groups listed (1 APT, 1 other, 0 unknown)
Thailand Computer Emergency Response Team (ThaiCERT)