FastPOS

Description

(Trend Micro) How do the components make the entire system work? The main file extracts all components and passes control to the main service (serv32.exe). The main service creates and monitors a central communication medium and directly sends all received information to the C&C server. The keylogger components (Kl32.exe/Kl64.exe) hook the keyboard then communicate with the main service to send logged keystrokes to the C&C server. The RAM scraper modules monitor processes and scan for credit card track data, which are then sent to the main service.

Names

Name
FastPOS

Type

POS malware
Backdoor
Keylogger
Credential stealer

Information

https://blog.trendmicro.com/trendlabs-security-intelligence/fastpos-updates-in-time-for-retail-sale-season/
http://documents.trendmicro.com/assets/Appendix%20-%20FastPOS%20Updates%20in%20Time%20for%20the%20Retail%20Sale%20Season.pdf
http://documents.trendmicro.com/assets/fastPOS-quick-and-easy-credit-card-theft.pdf
https://www.bankinfosecurity.com/fastpos-malware-creator-pleads-guilty-to-federal-charges-a-14751

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.fast_pos

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:fastpos

Other Information

Uuid

367c3161-847f-4f81-a69f-d70fa65db070

Last Card Change

2020-08-02

Threat Intelligence Garden

Explorer

FastPOS

FastPOS

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks