JUST RELEASED: ATT&CK for Industrial Control Systems

SOFTWARE

Android/Chuli.A

ANDROIDOS_ANSERVER.A

AutoIt backdoor

Backdoor.Oldrea

Exaramel for Linux

Exaramel for Windows

Hacking Team UEFI Rootkit

Olympic Destroyer

OSX_OCEANLOTUS.D

Pass-The-Hash Toolkit

Pegasus for Android

Pegasus for iOS

Trojan-SMS.AndroidOS.Agent.ao

Trojan-SMS.AndroidOS.FakeInst.a

Trojan-SMS.AndroidOS.OpFake.a

Trojan.Karagany

Windows Credential Editor

X-Agent for Android

SOFTWARE

1-9

A-B

Android/Chuli.A

ANDROIDOS_ANSERVER.A

AutoIt backdoor

Backdoor.Oldrea

C-D

E-F

Exaramel for Linux

Exaramel for Windows

G-H

Hacking Team UEFI Rootkit

I-J

K-L

M-N

O-P

Olympic Destroyer

OSX_OCEANLOTUS.D

Pass-The-Hash Toolkit

Pegasus for Android

Pegasus for iOS

Q-R

S-T

Trojan-SMS.AndroidOS.Agent.ao

Trojan-SMS.AndroidOS.FakeInst.a

Trojan-SMS.AndroidOS.OpFake.a

Trojan.Karagany

U-V

W-X

Windows Credential Editor

X-Agent for Android

Y-Z

OBAD

OBAD is an Android malware family. ^[1]

ID: S0286

Type: MALWARE

Platforms: Android

Version: 1.1

Created: 25 October 2017

Last Modified: 11 December 2018

Techniques Used

Domain	ID	Name	Use
Mobile	T1401	Abuse Device Administrator Access to Prevent Removal	OBAD abuses device administrator access to make it more difficult for users to remove the application.^[1]
Mobile	T1406	Obfuscated Files or Information	OBAD contains encrypted code along with an obfuscated decryption routine to make it difficult to analyze.^[1]

References

Veo Zhang. (2013, June 13). Cybercriminals Improve Android Malware Stealth Routines with OBAD. Retrieved December 9, 2016.