
Threat Group Cards: A Threat Actor Encyclopedia

Tool: Tyupkin

Names: Tyupkin, Padpin
Category: Malware
Type: ATM malware
Description: (Lastline) For today’s case study, we use a Tyupkin malware sample, a .Net application for bank automated teller machines (ATM) running on the Microsoft Windows operating system. Tyupkin’s aim is to steal cash by sending a specific command to the cash dispenser of the compromised ATM. During the analysis, our sandbox will trick the malware into believing that our analysis environment is an ATM itself. We will achieve this by submitting our sample bundled with a few specific DLLs that provide programmer’s interfaces to a Windows-based ATM, Extensions for Financial Services (XFS).
Information:
<https://www.lastline.com/labsblog/tyupkin-atm-malware/>
<https://archive.f-secure.com/weblog/archives/00002751.html>
<https://securelist.com/tyupkin-manipulating-atm-machines-with-malware/66988/>
<https://www.atmmarketplace.com/articles/can-the-atm-industry-stop-tyupkin-in-its-tracks/>
<https://documents.trendmicro.com/assets/white_papers/wp-cashing-in-on-atm-malware.pdf>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.tyupkin>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:tyupkin>

Last change to this tool card: 25 May 2020


All groups using tool Tyupkin

Changed | Name | Country | Observed

Unknown groups

X _[ Interesting malware not linked to an actor yet ]_

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
