Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a)

Escobar is an Android banking trojan, first detected in March 2021, believed to be a new variant of AbereBot.(Citation: Bleeipng Computer Escobar)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) | Attack Pattern | Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Remote Access Software - T1663 (0b761f2b-197a-40f2-b100-8152cb957c0c) | Attack Pattern | 1 |
| Call Control - T1616 (351ddf79-2d3a-41b4-9bef-82ea5d3ccd69) | Attack Pattern | Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 1 |
| Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) | Attack Pattern | Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | File and Directory Discovery - T1420 (cf28ca46-1fd3-46b4-b1f6-ec0b72361848) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Lockscreen Bypass - T1461 (dfe29258-ce59-421c-9dee-e85cb9fa90cd) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) | Attack Pattern | 1 |
| Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) | Attack Pattern | Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Access Notifications - T1517 (39dd7871-f59b-495f-a9a5-3cb8cc50c9b2) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | SMS Control - T1582 (b327a9c0-e709-495c-aa6e-00b042136e2b) | Attack Pattern | 1 |
| Escobar - S1092 (ec13d292-6d8d-4c7a-b07c-a2bd2402569a) | Malware | Uninstall Malicious Application - T1630.001 (0cdd66ad-26ac-4338-a764-4972a1e17ee3) | Attack Pattern | 1 |
| GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) | Attack Pattern | Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 2 |
| Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) | Attack Pattern | Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) | Attack Pattern | 2 |
| Indicator Removal on Host - T1630 (0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d) | Attack Pattern | Uninstall Malicious Application - T1630.001 (0cdd66ad-26ac-4338-a764-4972a1e17ee3) | Attack Pattern | 2 |