SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b)

SpyDealer is Android malware that exfiltrates sensitive data from Android devices. (Citation: PaloAlto-SpyDealer)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Out of Band Data - T1644 (ec4c4baa-026f-43e8-8f56-58c36f3162dd) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) | Attack Pattern | 1 |
| Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) | Attack Pattern | 1 |
| SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 1 |
| Screen Capture - T1513 (73c26732-6422-4081-8b63-6d0ae93d449e) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) | Attack Pattern | 1 |
| Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) | Attack Pattern | 1 |
| System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | SpyDealer - S0324 (86fc6f0c-86d9-473e-89f3-f50f3cb9319b) | Malware | 1 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 2 |
| Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) | Attack Pattern | Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | 2 |