Skip to content

Hide Navigation Hide TOC

Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4)

Asacub is a banking trojan that attempts to steal money from victims’ bank accounts. It attempts to do this by initiating a wire transfer via SMS message from compromised devices.(Citation: Securelist Asacub)

Cluster A Galaxy A Cluster B Galaxy B Level
Archive Collected Data - T1532 (e3b936a4-6321-4172-9114-038a866362ec) Attack Pattern Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware 1
Native API - T1575 (52eff1c7-dd30-4121-b762-24ae6fa61bbb) Attack Pattern Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware 1
System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) Attack Pattern Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) Attack Pattern 1
SMS Control - T1582 (b327a9c0-e709-495c-aa6e-00b042136e2b) Attack Pattern Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 1
Asacub - S0540 (a76b837b-93cc-417d-bf28-c47a6a284fa4) Malware SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 1
Abuse Elevation Control Mechanism - T1626 (08ea902d-ecb5-47ed-a453-2798057bb2d3) Attack Pattern Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 2
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern 2
Application Layer Protocol - T1437 (6a3f6490-9c44-40de-b059-e5940f246673) Attack Pattern Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) Attack Pattern 2
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) Attack Pattern Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 2