FrameworkPOS

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[FrameworkPOS](https://attack.mitre.org/software/S0503) is a point of sale (POS) malware used by [FIN6](https://attack.mitre.org/groups/G0037) to steal payment card data from sytems that run physical POS devices.(Citation: SentinelOne FrameworkPOS September 2019)

Associated Techniques (5)

ID	ATT&CK	Tactics
T1005	Data from Local System	-
T1048	Exfiltration Over Alternative Protocol	-
T1057	Process Discovery	-
T1074.001	Local Data Staging	-
T1560.003	Archive via Custom Method	-

Aliases (104)

Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity Trinity

Used by Actors (1)

FIN6
Unknown

Metadata

ID:	78
Created:	13/01/2026 17:48
Updated:	06/03/2026 04:00