Skip to content

Hide Navigation Hide TOC

AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93)

AndroRAT is an open-source remote access tool for Android devices. AndroRAT is capable of collecting data, such as device location, call logs, etc., and is capable of executing actions, such as sending SMS messages and taking pictures.(Citation: Lookout-EnterpriseApps)(Citation: github_androrat)(Citation: Forcepoint BITTER Pakistan Oct 2016) It is originally available through the The404Hacking Github repository.(Citation: github_androrat)

Cluster A Galaxy A Cluster B Galaxy B Level
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Call Control - T1616 (351ddf79-2d3a-41b4-9bef-82ea5d3ccd69) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware AndroRAT (80447111-8085-40a4-a052-420926091ac6) Malpedia 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware SMS Control - T1582 (b327a9c0-e709-495c-aa6e-00b042136e2b) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 1
AndroRAT - S0292 (a3dad2be-ce62-4440-953b-00fbce7aba93) Malware SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 2
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) Attack Pattern Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 2