Charger

Charger is Android malware that steals contacts and SMS messages from the user's device. It can also lock the device and demand ransom payment if it receives admin permissions. [1]

ID: S0323
Aliases: Charger
Type: MALWARE
Platforms: Android

Version: 1.1

Alias Descriptions

| Name | Description |
|---|---|
| Charger | [1] |

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Mobile | T1432 | Access Contact List | Charger steals contacts from the victim user's device.[1] |
| Mobile | T1430 | Location Tracking | Charger checks the local settings of the device and does not run its malicious logic if the device is located in Ukraine, Russia, or Belarus.[1] |
| Mobile | T1446 | Lock User Out of Device | Charger locks the device if it is granted admin permissions, displaying a message demanding a "ransom" payment.[1] |
| Mobile | T1406 | Obfuscated or Encrypted Payload | Charger encodes strings into binary arrays to make it difficult to inspect them. It also loads code from encrypted resources dynamically and includes meaningless commands that mask the actual commands passing through.[1] |

References