SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)

SpyNote RAT (Remote Access Trojan) is a family of malicious Android apps. The SpyNote RAT builder tool can be used to develop malicious apps with the malware's functionality. (Citation: Zscaler-SpyNote)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	1
SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4)	Attack Pattern	1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760)	Attack Pattern	SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	1
SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	1
SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a)	Attack Pattern	1
SpyNote RAT - S0305 (20dbaf05-59b8-4dc6-8777-0b17f4553a23)	Malware	Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9)	Attack Pattern	1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	2
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9)	Attack Pattern	Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14)	Attack Pattern	2