Skip to content

Hide Navigation Hide TOC

DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1)

DroidJack is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. (Citation: Zscaler-SuperMarioRun) (Citation: Proofpoint-Droidjack)

Cluster A Galaxy A Cluster B Galaxy B Level
DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1) Malware Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 1
DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1) Malware Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern 1
DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1) Malware Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 1
Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1) Malware 1
DroidJack - S0320 (05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1) Malware SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 2
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) Attack Pattern Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 2