AndroidOS/MalLocker.B - S0524 (9b86f8c3-33ab-44cf-a66d-c0fd6070e2ce)

AndroidOS/MalLocker.B is a variant of a ransomware family targeting Android devices. It prevents the user from interacting with the UI by displaying a screen containing a ransom note over all other windows. (Citation: Microsoft MalLockerB)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
AndroidOS/MalLocker.B - S0524 (9b86f8c3-33ab-44cf-a66d-c0fd6070e2ce)	Malware	Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a)	Attack Pattern	1
AndroidOS/MalLocker.B - S0524 (9b86f8c3-33ab-44cf-a66d-c0fd6070e2ce)	Malware	Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b)	Attack Pattern	1
AndroidOS/MalLocker.B - S0524 (9b86f8c3-33ab-44cf-a66d-c0fd6070e2ce)	Malware	Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9)	Attack Pattern	1
AndroidOS/MalLocker.B - S0524 (9b86f8c3-33ab-44cf-a66d-c0fd6070e2ce)	Malware	Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591)	Attack Pattern	1
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc)	Attack Pattern	Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b)	Attack Pattern	2
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9)	Attack Pattern	Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14)	Attack Pattern	2
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a)	Attack Pattern	Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591)	Attack Pattern	2