Skip to content

Hide Navigation Hide TOC

ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb)

ViperRAT is sophisticated surveillanceware that has been in operation since at least 2015 and was used to target the Israeli Defense Force.(Citation: Lookout ViperRAT)

Cluster A Galaxy A Cluster B Galaxy B Level
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a) Attack Pattern 1
SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) Attack Pattern 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) Attack Pattern 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware System Network Connections Discovery - T1421 (dd818ea5-adf5-41c7-93b5-f3b839a219fb) Attack Pattern 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 1
Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware 1
Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 1
ViperRAT - S0506 (f666e17c-b290-43b3-8947-b96bd5148fbb) Malware System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 2
Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 2
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) Attack Pattern Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) Attack Pattern 2