Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)

Bread was a large-scale billing fraud malware family known for employing many different cloaking and obfuscation techniques in an attempt to continuously evade Google Play Store’s malware detection. 1,700 unique Bread apps were detected and removed from the Google Play Store before being downloaded by users.(Citation: Google Bread)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Access Notifications - T1517 (39dd7871-f59b-495f-a9a5-3cb8cc50c9b2)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Generate Traffic from Victim - T1643 (a8e971b8-8dc7-4514-8249-ae95427ec467)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Software Packing - T1406.002 (51636761-2e35-44bf-9e56-e337adf97174)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Native API - T1575 (52eff1c7-dd30-4121-b762-24ae6fa61bbb)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd)	Attack Pattern	1
Bread - S0432 (108b2817-bc01-404e-8e1b-8cdeec846326)	Malware	Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6)	Attack Pattern	1
Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a)	Attack Pattern	Software Packing - T1406.002 (51636761-2e35-44bf-9e56-e337adf97174)	Attack Pattern	2
Application Layer Protocol - T1437 (6a3f6490-9c44-40de-b059-e5940f246673)	Attack Pattern	Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	2