Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65)

Monokle is targeted, sophisticated mobile surveillanceware. It is developed for Android, but there are some code artifacts that suggest an iOS version may be in development.(Citation: Lookout-Monokle)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | System Network Connections Discovery - T1421 (dd818ea5-adf5-41c7-93b5-f3b839a219fb) | Attack Pattern | 1 |
| Ingress Tool Transfer - T1544 (2bb20118-e6c0-41dc-a07c-283ea4dd0fb8) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Hooking - T1617 (ccde43e4-78f9-4f32-b401-c081e7db71ea) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | File Deletion - T1630.002 (ab7400b7-3476-4776-9545-ef3fa373de63) | Attack Pattern | 1 |
| Out of Band Data - T1644 (ec4c4baa-026f-43e8-8f56-58c36f3162dd) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) | Attack Pattern | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | Account Access Removal - T1640 (e2c2249a-eb82-4614-8dd4-9c514dde65e2) | Attack Pattern | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 1 |
| Call Control - T1616 (351ddf79-2d3a-41b4-9bef-82ea5d3ccd69) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) | Attack Pattern | 1 |
| Adversary-in-the-Middle - T1638 (08e22979-d320-48ed-8711-e7bf94aabb13) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) | Attack Pattern | 1 |
| Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Screen Capture - T1513 (73c26732-6422-4081-8b63-6d0ae93d449e) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a) | Attack Pattern | Monokle - S0407 (6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65) | Malware | 1 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 2 |
| Indicator Removal on Host - T1630 (0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d) | Attack Pattern | File Deletion - T1630.002 (ab7400b7-3476-4776-9545-ef3fa373de63) | Attack Pattern | 2 |
| Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) | Attack Pattern | Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 2 |
| Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 2 |
| Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 2 |