Register to stream ATT&CKcon 2.0 October 29-30

X-Agent for Android

X-Agent for Android is Android malware that was placed in a repackaged version of a Ukrainian artillery targeting application. The malware reportedly retrieved general location data on where the victim device was used, and therefore could likely indicate the potential location of Ukrainian artillery. [1] Is it tracked separately from the CHOPSTICK.

ID: S0314
Platforms: Android
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1430 Location Tracking X-Agent for Android was believed to have been used to obtain locational data of Ukrainian artillery forces. [1]
Mobile T1444 Repackaged Application X-Agent for Android was placed in a repackaged version of an application used by Ukrainian artillery forces. [1]

Groups That Use This Software

ID Name References
G0007 APT28 [1]