RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381)

RedDrop is an Android malware family that exfiltrates sensitive data from devices. (Citation: Wandera-RedDrop)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Generate Traffic from Victim - T1643 (a8e971b8-8dc7-4514-8249-ae95427ec467) | Attack Pattern | RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | 1 |
| System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) | Attack Pattern | RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | 1 |
| Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | 1 |
| RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) | Attack Pattern | 1 |
| Ingress Tool Transfer - T1544 (2bb20118-e6c0-41dc-a07c-283ea4dd0fb8) | Attack Pattern | RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | 1 |
| RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | Exfiltration Over C2 Channel - T1646 (32063d7f-0a39-440d-a4a3-2694488f96cc) | Attack Pattern | 1 |
| RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) | Attack Pattern | 1 |
| RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | 1 |
| RedDrop - S0326 (9ed10b5a-ff20-467f-bf2f-d3fbf763e381) | Malware | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 1 |
| Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 2 |
| Application Layer Protocol - T1437 (6a3f6490-9c44-40de-b059-e5940f246673) | Attack Pattern | Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) | Attack Pattern | 2 |
| System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | 2 |