TinyLoader

Description

(Fidelis) Tinyloader has a few unique characteristics

• It is, in fact, tiny — typically weighing in under 5 KB. • Its command-and-control (C2) server runs on Microsoft Windows, which is fairly uncommon in malware today. • Finally, it is extremely versatile due to its modular C2 mechanism. This mechanism allows the C2 server to pass custom bytecode directly into the running memory of the bot making it easy to load new malware or augment additional malicious behaviors.

Names

Name
TinyLoader

Category

Malware

Type

• Botnet
• Downloader

Information

• https://www.fidelissecurity.com/threatgeek/threat-intelligence/deconstructing-tinyloader/
• https://www.proofpoint.com/us/threat-insight/post/AbaddonPOS-A-New-Point-Of-Sale-Threat-Linked-To-Vawtrak
• https://www.proofpoint.com/us/threat-insight/post/abaddonpos-now-targeting-specific-pos-software

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.tinyloader

Alienvault Otx

• https://otx.alienvault.com/browse/pulses?q=tag:TinyLoader

Other Information

Uuid

d69d3400-c249-4a42-aa2f-69ccee84c77a

Last Card Change

2020-05-14