eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403)

eSurv is mobile surveillanceware designed for the lawful intercept market that was developed over the course of many years.(Citation: Lookout eSurv)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) | Attack Pattern | eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | Asymmetric Cryptography - T1521.002 (16d73b64-5681-4ea0-9af4-4ad86f7c96e8) | Attack Pattern | 1 |
| Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) | Attack Pattern | eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) | Attack Pattern | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) | Attack Pattern | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | SSL Pinning - T1521.003 (dfafc230-5465-4993-8dc5-f51fa9fec002) | Attack Pattern | 1 |
| Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) | Attack Pattern | eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 1 |
| eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | Exfiltration Over C2 Channel - T1646 (32063d7f-0a39-440d-a4a3-2694488f96cc) | Attack Pattern | 1 |
| Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a) | Attack Pattern | eSurv - S0507 (680f680c-eef9-4f8a-b5f5-f451bf47e403) | Malware | 1 |
| Asymmetric Cryptography - T1521.002 (16d73b64-5681-4ea0-9af4-4ad86f7c96e8) | Attack Pattern | Encrypted Channel - T1521 (ed2c05a1-4f81-4d97-9e1b-aff01c34ae84) | Attack Pattern | 2 |
| Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) | Attack Pattern | Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) | Attack Pattern | 2 |
| SSL Pinning - T1521.003 (dfafc230-5465-4993-8dc5-f51fa9fec002) | Attack Pattern | Encrypted Channel - T1521 (ed2c05a1-4f81-4d97-9e1b-aff01c34ae84) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 2 |