Tyupkin
Description
(Lastline) For today’s case study, we use a Tyupkin malware sample, a .NET application for bank automated teller machines (ATM) running on the Microsoft Windows operating system. Tyupkin’s aim is to steal cash by sending a specific command to the cash dispenser of the compromised ATM. During the analysis, our sandbox will trick the malware into believing that our analysis environment is an ATM itself. We will achieve this by submitting our sample bundled with a few specific DLLs that provide programmer’s interfaces to a Windows-based ATM, Extensions for Financial Services (XFS).
Names
Name |
---|
Tyupkin |
Padpin |
Category
Malware
Type
- ATM malware
Information
- https://www.lastline.com/labsblog/tyupkin-atm-malware/
- https://archive.f-secure.com/weblog/archives/00002751.html
- https://securelist.com/tyupkin-manipulating-atm-machines-with-malware/66988/
- https://www.atmmarketplace.com/articles/can-the-atm-industry-stop-tyupkin-in-its-tracks/
- https://documents.trendmicro.com/assets/white_papers/wp-cashing-in-on-atm-malware.pdf
Malpedia
AlienVault OTX
Other Information
UUID
c524bf68-1845-457b-8cf3-cff7cae6714e
Last Card Change
2020-05-25