mirror of https://github.com/MISP/misp-galaxy
1974 lines
75 KiB
JSON
1974 lines
75 KiB
JSON
{
|
|
"name": "Mobile Attack - Relationship",
|
|
"type": "mitre-mobile-attack-relationship",
|
|
"description": "MITRE Relationship",
|
|
"version": 2,
|
|
"source": "https://github.com/mitre/cti",
|
|
"uuid": "02f1fc42-1708-11e8-a4f2-eb70472c5901",
|
|
"authors": [
|
|
"MITRE"
|
|
],
|
|
"values": [
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "dfe29258-ce59-421c-9dee-e85cb9fa90cd"
|
|
},
|
|
"uuid": "6eca2456-fdcf-42e9-bcbb-a4c51ce54139",
|
|
"value": "Security Updates (MOB-M1001) mitigates Lockscreen Bypass (MOB-T1064)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "69bb264a-3f44-4132-9248-dd80a9f5efa2",
|
|
"value": "Charger (MOB-S0039) uses Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "c91c304a-975d-4501-9789-0db1c57afd3f"
|
|
},
|
|
"uuid": "ca7c3278-1d12-4e55-b320-39efa5a285db",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Exploit Baseband Vulnerability (MOB-T1058)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "bd4d32f5-eed4-4018-a649-40b229dd1d69"
|
|
},
|
|
"uuid": "0008005f-ca51-47c3-8369-55ee5de1c65a",
|
|
"value": "SpyNote RAT (MOB-S0021) uses App Auto-Start at Device Boot (MOB-T1005)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "18d3f4c7-2888-4d27-9ac7-b7ade1a1c04c",
|
|
"value": "Adups (MOB-S0025) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "4088b31b-d542-4935-84b4-82b592159591",
|
|
"value": "RCSAndroid (MOB-S0011) uses Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "da4296d7-5fdb-45b6-9791-b023d634c08d",
|
|
"value": "RCSAndroid (MOB-S0011) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "f58cd69a-e548-478b-9248-8a9af881dc34"
|
|
},
|
|
"uuid": "690111d3-c281-4d55-a7ed-73b8dab72a85",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Downgrade to Insecure Protocols (MOB-T1069)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "e30cc912-7ea1-4683-9219-543b86cbdec9"
|
|
},
|
|
"uuid": "a834341f-d909-41e3-adaf-5f3450e4090e",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Fake Developer Accounts (MOB-T1045)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "c65661a6-6047-4901-ac2c-3ca4b1bbbb28",
|
|
"value": "DroidJack RAT (MOB-S0036) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "29e07491-8947-43a3-8d4e-9a787c45f3d3"
|
|
},
|
|
"uuid": "9e83607e-2936-4f25-b6d2-c357846840f3",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Access Sensitive Data in Device Logs (MOB-T1016)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "88932a8c-3a17-406f-9431-1da3ff19f6d6"
|
|
},
|
|
"uuid": "ebdb9385-6311-4532-b021-2da48734aab7",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Modify cached executable code (MOB-T1006)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c8770c81-c29f-40d2-a140-38544206b2b4",
|
|
"target-uuid": "76c12fc8-a4eb-45d6-a3b7-e371a7248f69"
|
|
},
|
|
"uuid": "f947d845-4d70-41f3-ae3c-18ea8b44e667",
|
|
"value": "HummingBad (MOB-S0038) uses Manipulate App Store Rankings or Ratings (MOB-T1055)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "dd818ea5-adf5-41c7-93b5-f3b839a219fb"
|
|
},
|
|
"uuid": "de1b1f92-c060-4d8c-81bf-465b7fb21be4",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Local Network Connections Discovery (MOB-T1024)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d2a199d2-dfea-4d0c-987d-6195ed17be9c",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "be2895e2-7e1d-4467-8b6a-ac06b17ce0bb",
|
|
"value": "Use Device-Provided Credential Storage (MOB-M1008) mitigates Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e829ee51-1caf-4665-ba15-7f8979634124",
|
|
"target-uuid": "52651225-0b3a-482d-aa7e-10618fd063b5"
|
|
},
|
|
"uuid": "6f8b3839-ea91-44d5-ba68-b9d1e6076c19",
|
|
"value": "Interconnection Filtering (MOB-M1014) mitigates Exploit SS7 to Track Device Location (MOB-T1053)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "69d6f3fc-17ea-4a32-b4dd-a006c75362d6",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2"
|
|
},
|
|
"uuid": "b104c62f-771c-46c5-afc4-a964a94cea50",
|
|
"value": "User Guidance (MOB-M1011) mitigates App Delivered via Web Download (MOB-T1034)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "50986206-ad56-4dea-baed-846545fb2f5a",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c8770c81-c29f-40d2-a140-38544206b2b4",
|
|
"target-uuid": "f981d199-2720-467e-9dc9-eea04dbe05cf"
|
|
},
|
|
"uuid": "ac523dfb-36be-4402-acf2-abe98e183eef",
|
|
"value": "HummingBad (MOB-S0038) uses Generate Fraudulent Advertising Revenue (MOB-T1075)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "25dc1ce8-eb55-4333-ae30-a7cb4f5894a1",
|
|
"target-uuid": "29e07491-8947-43a3-8d4e-9a787c45f3d3"
|
|
},
|
|
"uuid": "fab8c40d-b934-4ee0-8e83-f017af2e347a",
|
|
"value": "Application Developer Guidance (MOB-M1013) mitigates Access Sensitive Data in Device Logs (MOB-T1016)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "3c3b55a6-c3e9-4043-8aae-283fe96220c0",
|
|
"target-uuid": "6c49d50f-494d-4150-b774-a655022d20a6"
|
|
},
|
|
"uuid": "d54bdaff-8eb8-4a02-9f64-bc33c892e9d1",
|
|
"value": "ZergHelper (MOB-S0003) uses Download New Code at Runtime (MOB-T1010)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d9e07aea-baad-4b68-bdca-90c77647d7f9",
|
|
"target-uuid": "b928b94a-4966-4e2a-9e61-36505b896ebc"
|
|
},
|
|
"uuid": "8e4b2305-1280-4456-8ec7-93c66da5c674",
|
|
"value": "XcodeGhost (MOB-S0013) uses Malicious Software Development Tools (MOB-T1065)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "290a627d-172d-494d-a0cc-685f480a1034",
|
|
"value": "AndroRAT (MOB-S0008) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "936be60d-90eb-4c36-9247-4b31128432c4",
|
|
"target-uuid": "e2ea7f6b-8d4f-49c3-819d-660530d12b77"
|
|
},
|
|
"uuid": "bb3be217-08e2-4bb0-9f1a-d8e538010451",
|
|
"value": "RuMMS (MOB-S0029) uses System Information Discovery (MOB-T1029)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "d731c21e-f27d-4756-b418-0e2aaabd6d63"
|
|
},
|
|
"uuid": "74155759-4c76-42d3-b64f-a898f7b582f9",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Manipulate Device Communication (MOB-T1066)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "bd4d32f5-eed4-4018-a649-40b229dd1d69"
|
|
},
|
|
"uuid": "8e94da58-86b7-4a45-886e-6da58828eacd",
|
|
"value": "Application Vetting (MOB-M1005) mitigates App Auto-Start at Device Boot (MOB-T1005)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "46d818a5-67fa-4585-a7fc-ecf15376c8d5"
|
|
},
|
|
"uuid": "4cf9511e-da0e-4055-bc8c-56121ae120d2",
|
|
"value": "Security Updates (MOB-M1001) mitigates Modify OS Kernel or Boot Partition (MOB-T1001)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "f1c3d071-0c24-483d-aca0-e8b8496ce468"
|
|
},
|
|
"uuid": "62480750-2218-4ea0-b168-b9035b9ee998",
|
|
"value": "Security Updates (MOB-M1001) mitigates Modify Trusted Execution Environment (MOB-T1002)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c80a6bef-b3ce-44d0-b113-946e93124898",
|
|
"target-uuid": "a93ccb8f-3996-42e2-b7c7-bb599d4e205f"
|
|
},
|
|
"uuid": "ebc0aa93-93ac-4b7e-ad87-9d5743a09c8e",
|
|
"value": "Shedun (MOB-S0010) uses Repackaged Application (MOB-T1047)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "56660521-6db4-4e5a-a927-464f22954b7c",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "9e66ec3b-cdd6-461c-bd84-e75316818e15",
|
|
"value": "X-Agent (MOB-S0030) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "633baf01-6de4-4963-bb54-ff6c6357bed3"
|
|
},
|
|
"uuid": "cda9f3cf-01e4-41b3-8e45-4dda9fe5eb30",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Rogue Wi-Fi Access Points (MOB-T1068)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "b4180067-52b6-4109-91df-52fd9a7ed2e8",
|
|
"value": "AndroRAT (MOB-S0008) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "936be60d-90eb-4c36-9247-4b31128432c4",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "4d7e937d-7ea1-49cb-939c-5244815e51d7",
|
|
"value": "RuMMS (MOB-S0029) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf",
|
|
"target-uuid": "f9e4f526-ac9d-4df5-8949-833a82a1d2df"
|
|
},
|
|
"uuid": "d792bffd-6745-4da6-a70f-2d5843ef05ca",
|
|
"value": "Adups (MOB-S0025) uses Malicious or Vulnerable Built-in Device Functionality (MOB-T1076)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "c4b96c0b-cb58-497a-a1c2-bb447d79d692"
|
|
},
|
|
"uuid": "ba556d98-4ff2-43a4-bb93-52f99265ff99",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Capture Clipboard Data (MOB-T1017)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d9e07aea-baad-4b68-bdca-90c77647d7f9",
|
|
"target-uuid": "c4b96c0b-cb58-497a-a1c2-bb447d79d692"
|
|
},
|
|
"uuid": "2de76a24-ec87-4808-b0d3-b84d318ac22c",
|
|
"value": "XcodeGhost (MOB-S0013) uses Capture Clipboard Data (MOB-T1017)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "9c7c302a-d5ba-4fc9-a4e5-e865fd7fb708",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "85c7e956-3ce5-4495-b52e-385ae2ee4f9b",
|
|
"value": "Charger (MOB-S0039) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "b3c2e5de-0941-4b57-ba61-af029eb5517a"
|
|
},
|
|
"uuid": "8cb42e3d-69f4-4b0d-98c9-0bb7560947c1",
|
|
"value": "RCSAndroid (MOB-S0011) uses Alternate Network Mediums (MOB-T1041)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "e2ea7f6b-8d4f-49c3-819d-660530d12b77"
|
|
},
|
|
"uuid": "7af7d094-3a49-4e5e-99d0-385c79f95f06",
|
|
"value": "Pegasus (MOB-S0005) uses System Information Discovery (MOB-T1029)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "2065382f-45ae-4b9a-a77c-027ecd6c1735",
|
|
"value": "RCSAndroid (MOB-S0011) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "537ea573-8a1c-468c-956b-d16d2ed9d067"
|
|
},
|
|
"uuid": "69efe716-affe-419e-ac06-924d2e416695",
|
|
"value": "User Guidance (MOB-M1011) mitigates Remotely Wipe Data Without Authorization (MOB-T1072)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "16f55053-285d-411d-881c-6f8c1bdef8d7",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "eb6dbe2a-6f76-4bce-ab37-66ec67148041",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "ef771e03-e080-43b4-a619-ac6f84899884"
|
|
},
|
|
"uuid": "6d8ea31a-da35-442a-8e0d-1d0c0dcdf14b",
|
|
"value": "Security Updates (MOB-M1001) mitigates Exploit TEE Vulnerability (MOB-T1008)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "89fcd02f-62dc-40b9-a54b-9ac4b1baef05"
|
|
},
|
|
"uuid": "83991b5c-59b9-4fe5-9ef2-39c6ddc8b835",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Device Type Discovery (MOB-T1022)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "6f86d346-f092-4abc-80df-8558a90c426a"
|
|
},
|
|
"uuid": "0818895a-0d6d-47cc-ad34-a09bdb76a81b",
|
|
"value": "User Guidance (MOB-M1011) mitigates Remotely Track Device Without Authorization (MOB-T1071)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "4d2d892c-9d3a-445c-b9bf-1eab45703dcc",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c709da93-20c3-4d17-ab68-48cba76b2137",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "789cb76e-27b0-4762-a2f7-3ff32ce0762d",
|
|
"value": "PJApps (MOB-S0007) uses Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c8770c81-c29f-40d2-a140-38544206b2b4",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "d87b468e-f610-4e95-8dfb-8cf029f0e891",
|
|
"value": "HummingBad (MOB-S0038) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "2074b2ad-612e-4758-adce-7901c1b49bbc",
|
|
"target-uuid": "46d818a5-67fa-4585-a7fc-ecf15376c8d5"
|
|
},
|
|
"uuid": "373f33be-9b40-44f5-bfd3-db2a9f5fa72c",
|
|
"value": "OldBoot (MOB-S0001) uses Modify OS Kernel or Boot Partition (MOB-T1001)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "a0464539-e1b7-4455-a355-12495987c300"
|
|
},
|
|
"uuid": "2388ba94-8e49-40d0-a697-eea948e6cfb6",
|
|
"value": "Security Updates (MOB-M1001) mitigates Attack PC via USB Connection (MOB-T1030)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "3ebcd3d8-dd8e-4cc9-8087-ce9e93df6f56",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "0c71033e-401e-4b97-9309-7a7c95e43a5d"
|
|
},
|
|
"uuid": "2bd272ca-8a14-42cd-9664-6cc6f7451e42",
|
|
"value": "User Guidance (MOB-M1011) mitigates Obtain Device Cloud Backups (MOB-T1073)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "b3c2e5de-0941-4b57-ba61-af029eb5517a"
|
|
},
|
|
"uuid": "4f2ae057-ef0b-4995-b24d-348a76a74a4f",
|
|
"value": "Pegasus (MOB-S0005) uses Alternate Network Mediums (MOB-T1041)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "db3fc82d-d353-438d-aa5e-9b5e7e60f0ac",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "abd2e863-4bd3-4686-b2aa-f8a097a41c99",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "a8c31121-852b-46bd-9ba4-674ae5afe7ad"
|
|
},
|
|
"uuid": "903660e1-3996-4ed2-9e7a-4f8c397a71eb",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Malicious Third Party Keyboard App (MOB-T1020)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "82f04b1e-5371-4a6f-be06-411f0f43b483"
|
|
},
|
|
"uuid": "b2c289bf-e981-4bcd-87dd-b6c0680557e9",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Abuse Device Administrator Access to Prevent Removal (MOB-T1004)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "198ce408-1470-45ee-b47f-7056050d4fc2"
|
|
},
|
|
"uuid": "f5fab17b-43e7-46ff-bdea-eb8c52a0c6c3",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Application Discovery (MOB-T1021)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e944670c-d03a-4e93-a21c-b3d4c53ec4c9",
|
|
"target-uuid": "8e27551a-5080-4148-a584-c64348212e4f"
|
|
},
|
|
"uuid": "465ff71b-2b1b-43b6-ab78-afb273d956d2",
|
|
"value": "Caution with Device Administrator Access (MOB-M1007) mitigates Wipe Device Data (MOB-T1050)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e",
|
|
"target-uuid": "6c49d50f-494d-4150-b774-a655022d20a6"
|
|
},
|
|
"uuid": "706c698c-aa8d-4fac-a6c1-2e047c3f965c",
|
|
"value": "BrainTest (MOB-S0009) uses Download New Code at Runtime (MOB-T1010)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "69de3f7e-faa7-4342-b755-4777a68fd89b",
|
|
"value": "DroidJack RAT (MOB-S0036) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "8f142a25-f6c3-4520-bd50-2ae3ab50ed3e"
|
|
},
|
|
"uuid": "3a446bee-007b-4b1f-849e-60e9d39c2e92",
|
|
"value": "Application Vetting (MOB-M1005) mitigates URL Scheme Hijacking (MOB-T1018)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "6c49d50f-494d-4150-b774-a655022d20a6"
|
|
},
|
|
"uuid": "8d027310-93a0-4046-b7ad-d1f461f30838",
|
|
"value": "RCSAndroid (MOB-S0011) uses Download New Code at Runtime (MOB-T1010)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "a0464539-e1b7-4455-a355-12495987c300"
|
|
},
|
|
"uuid": "09fa9342-34cb-4f0d-8cdf-df4d51d0ae12",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Attack PC via USB Connection (MOB-T1030)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "ef771e03-e080-43b4-a619-ac6f84899884"
|
|
},
|
|
"uuid": "a01af4da-0910-4a20-805f-86b3ae1dc046",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Exploit TEE Vulnerability (MOB-T1008)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "3c3b55a6-c3e9-4043-8aae-283fe96220c0",
|
|
"target-uuid": "51aedbd6-2837-4d15-aeb0-cb09f2bf22ac"
|
|
},
|
|
"uuid": "40581c90-e948-4e91-8530-a9bc59cce9d7",
|
|
"value": "ZergHelper (MOB-S0003) uses Abuse of iOS Enterprise App Signing Key (MOB-T1048)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "ca4f63b9-a358-4214-bb26-8c912318cfde",
|
|
"target-uuid": "82f04b1e-5371-4a6f-be06-411f0f43b483"
|
|
},
|
|
"uuid": "51757971-17ac-40c3-bae7-78365579db49",
|
|
"value": "OBAD (MOB-S0002) uses Abuse Device Administrator Access to Prevent Removal (MOB-T1004)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "1218ed50-bd44-4f37-baba-1aae998b5a1f",
|
|
"value": "Xbot (MOB-S0014) uses Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "3f973c3c-45f8-432a-9859-e8749f2e7418",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950",
|
|
"target-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a"
|
|
},
|
|
"uuid": "bee6407a-1f05-4f91-b6e7-a8f8b58fa421",
|
|
"value": "Charger (MOB-S0039) uses Obfuscated or Encrypted Payload (MOB-T1009)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "a290a8ca-e650-456c-b33e-03343fe5ea4e",
|
|
"value": "Pegasus (MOB-S0005) uses Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "cf2cccb1-cab8-431a-8ecf-f7874d05f433",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "1ed76ca9-0ed6-40f9-89c6-64662fdd447d",
|
|
"value": "Deploy Compromised Device Detection Method (MOB-M1010) mitigates Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e829ee51-1caf-4665-ba15-7f8979634124",
|
|
"target-uuid": "fb3fa94a-3aee-4ab0-b7e7-abdf0a51286d"
|
|
},
|
|
"uuid": "26a9db86-5ecf-400a-bdd9-419448c2f776",
|
|
"value": "Interconnection Filtering (MOB-M1014) mitigates Exploit SS7 to Redirect Phone Calls/SMS (MOB-T1052)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "e87aa0d6-241f-4f72-bdb6-54e8d5584ae2",
|
|
"value": "Adups (MOB-S0025) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8ccd428d-39da-4e8f-a55b-d48ea1d56e58",
|
|
"target-uuid": "46d818a5-67fa-4585-a7fc-ecf15376c8d5"
|
|
},
|
|
"uuid": "ce6c7f21-91a5-4d63-bd03-a6b57e025afe",
|
|
"value": "Lock Bootloader (MOB-M1003) mitigates Modify OS Kernel or Boot Partition (MOB-T1001)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "f296fc9c-2ff5-43ee-941e-6b49c438270a"
|
|
},
|
|
"uuid": "2f5da3a1-19da-421f-be48-cfdcd3c79be1",
|
|
"value": "Security Updates (MOB-M1001) mitigates Device Unlock Code Guessing or Brute Force (MOB-T1062)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "4bf6ba32-4165-42c1-b911-9c36165891c8",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "f2e23cb7-7bac-4938-91ea-7dd42b41ba29",
|
|
"value": "ANDROIDOS_ANSERVER.A (MOB-S0026) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "62adb627-f647-498e-b4cc-41499361bacb"
|
|
},
|
|
"uuid": "85328449-c231-444d-905a-2988c14d3e82",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Access Calendar Entries (MOB-T1038)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "82f04b1e-5371-4a6f-be06-411f0f43b483"
|
|
},
|
|
"uuid": "4a697724-4457-436b-97ad-9d6f445fb6b0",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Abuse Device Administrator Access to Prevent Removal (MOB-T1004)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb",
|
|
"target-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a"
|
|
},
|
|
"uuid": "b3bb33bf-9034-4d5c-8ea0-31d3bbd12b6b",
|
|
"value": "WireLurker (MOB-S0028) uses Obfuscated or Encrypted Payload (MOB-T1009)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "6447e3a1-ef4d-44b1-99d5-6b1c4888674f",
|
|
"target-uuid": "f981d199-2720-467e-9dc9-eea04dbe05cf"
|
|
},
|
|
"uuid": "b263e4e9-972d-4ba7-8be8-e55eb6a483c0",
|
|
"value": "HummingWhale (MOB-S0037) uses Generate Fraudulent Advertising Revenue (MOB-T1075)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "f296fc9c-2ff5-43ee-941e-6b49c438270a"
|
|
},
|
|
"uuid": "718949aa-6841-48d2-9343-f01be0aa32c1",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Device Unlock Code Guessing or Brute Force (MOB-T1062)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "bc4e848a-adb7-40a2-94a1-d5ab9854ff0f",
|
|
"value": "SpyNote RAT (MOB-S0021) uses Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "1b51f5bc-b97a-498a-8dbd-bc6b1901bf19"
|
|
},
|
|
"uuid": "024f9ee4-cb7d-49f4-b180-ad1e5e168a4c",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Process Discovery (MOB-T1027)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "d731c21e-f27d-4756-b418-0e2aaabd6d63"
|
|
},
|
|
"uuid": "6f1cadef-283b-466b-bfa2-0cb51edf88f7",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Manipulate Device Communication (MOB-T1066)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "a9cab8f6-4c94-4c9b-9e7d-9d863ff53431"
|
|
},
|
|
"uuid": "176ba064-0657-4850-baa3-626bc845efd3",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Malicious Media Content (MOB-T1060)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "68e5789c-9f60-421e-9c79-fae207a29e83",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "fd339382-bfec-4bf0-8d47-1caedc9e7e57"
|
|
},
|
|
"uuid": "638f3d4b-f1d4-4c61-91a0-7c125ef8437a",
|
|
"value": "Pegasus (MOB-S0005) uses Malicious Web Content (MOB-T1059)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9"
|
|
},
|
|
"uuid": "8aa790cc-0d42-4114-8cbe-783abc595b8b",
|
|
"value": "Security Updates (MOB-M1001) mitigates Network Traffic Capture or Redirection (MOB-T1013)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "198ce408-1470-45ee-b47f-7056050d4fc2"
|
|
},
|
|
"uuid": "5b14149e-09f1-4d38-82bc-0ff3cff8b650",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Application Discovery (MOB-T1021)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e944670c-d03a-4e93-a21c-b3d4c53ec4c9",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "6bb99599-aa51-4492-9c79-296a772233b4",
|
|
"value": "Caution with Device Administrator Access (MOB-M1007) mitigates Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "b6d3657a-2d6a-400f-8b7e-4d60391aa1f7",
|
|
"target-uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2"
|
|
},
|
|
"uuid": "f14af74f-fb6b-480f-91de-d755c89960ce",
|
|
"value": "AndroidOverlayMalware (MOB-S0012) uses App Delivered via Web Download (MOB-T1034)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "51aedbd6-2837-4d15-aeb0-cb09f2bf22ac"
|
|
},
|
|
"uuid": "8e49feb1-e401-4e63-acfa-7f8b9a8ca026",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Abuse of iOS Enterprise App Signing Key (MOB-T1048)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "5ddf81ea-2c06-497b-8c30-5f1ab89a40f9",
|
|
"target-uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2"
|
|
},
|
|
"uuid": "6fce6a21-ab9b-44a5-be20-9b631109487b",
|
|
"value": "MazarBOT (MOB-S0019) uses App Delivered via Web Download (MOB-T1034)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e",
|
|
"target-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a"
|
|
},
|
|
"uuid": "78cc0d6d-6347-45a4-a18c-ca76150aa7a9",
|
|
"value": "BrainTest (MOB-S0009) uses Obfuscated or Encrypted Payload (MOB-T1009)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "b7652f27-1cf6-4310-bf6b-5fb99c4fd725",
|
|
"value": "Pegasus (MOB-S0005) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "8e27551a-5080-4148-a584-c64348212e4f"
|
|
},
|
|
"uuid": "b1f2770e-11f0-429c-9bac-9fa5bc5859b0",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Wipe Device Data (MOB-T1050)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "0bcc4ec1-a897-49a9-a9ff-c00df1d1209d"
|
|
},
|
|
"uuid": "69bdeed3-d6a8-4d10-8bf5-44c6cb4392e5",
|
|
"value": "Security Updates (MOB-M1001) mitigates Malicious SMS Message (MOB-T1057)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "0cae6859-d7d1-483b-b473-4f32084938a9",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "fd339382-bfec-4bf0-8d47-1caedc9e7e57"
|
|
},
|
|
"uuid": "3f3d63f0-1f03-4931-9624-10eaf4b207b4",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Malicious Web Content (MOB-T1059)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "94040d2e-3f60-423c-8a93-a83b61cafe7d",
|
|
"value": "Pegasus (MOB-S0005) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "8ed14c81-0b30-4bfc-8552-439aa0e920c3",
|
|
"value": "Adups (MOB-S0025) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c80a6bef-b3ce-44d0-b113-946e93124898",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "f0851531-e554-4658-920c-f2342632c19a",
|
|
"value": "Shedun (MOB-S0010) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d9e07aea-baad-4b68-bdca-90c77647d7f9",
|
|
"target-uuid": "3dd58c80-4c2e-458c-9503-1b2cd273c4d2"
|
|
},
|
|
"uuid": "13efc415-5e17-4a16-81c2-64e74815907f",
|
|
"value": "XcodeGhost (MOB-S0013) uses User Interface Spoofing (MOB-T1014)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "0bcc4ec1-a897-49a9-a9ff-c00df1d1209d"
|
|
},
|
|
"uuid": "a912f528-5218-4e0b-a350-7e9012cccdf3",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Malicious SMS Message (MOB-T1057)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "f296fc9c-2ff5-43ee-941e-6b49c438270a"
|
|
},
|
|
"uuid": "64a6fb42-65ce-4160-a5c8-ac176f60a2ae",
|
|
"value": "User Guidance (MOB-M1011) mitigates Device Unlock Code Guessing or Brute Force (MOB-T1062)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "3bc1f0ad-ef11-4afc-83c0-fcffe08d4e50",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "9f737872-3503-4ef4-b575-ab6037b33a98",
|
|
"value": "KeyRaider (MOB-S0004) uses Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "56660521-6db4-4e5a-a927-464f22954b7c",
|
|
"target-uuid": "a93ccb8f-3996-42e2-b7c7-bb599d4e205f"
|
|
},
|
|
"uuid": "efcfe1a3-3351-4b4f-ae36-101f103b4798",
|
|
"value": "X-Agent (MOB-S0030) uses Repackaged Application (MOB-T1047)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "ff742eeb-1f90-4f5a-8b92-9d40fffd99ca",
|
|
"target-uuid": "22379609-a99f-4a01-bd7e-70f3e105859d"
|
|
},
|
|
"uuid": "81db3270-4cb8-4982-8ff8-c28a874e8421",
|
|
"value": "DressCode (MOB-S0016) uses Exploit Enterprise Resources (MOB-T1031)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "f981d199-2720-467e-9dc9-eea04dbe05cf"
|
|
},
|
|
"uuid": "31942635-81b1-4657-8882-50fb97fae64b",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Generate Fraudulent Advertising Revenue (MOB-T1075)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "ff4821f6-5afb-481b-8c0f-26c28c0d666c",
|
|
"target-uuid": "46d818a5-67fa-4585-a7fc-ecf15376c8d5"
|
|
},
|
|
"uuid": "49f0f7b8-7208-4650-89c2-5d6b1f166113",
|
|
"value": "Attestation (MOB-M1002) mitigates Modify OS Kernel or Boot Partition (MOB-T1001)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "a5de0540-73e7-4c67-96da-4143afedc7ed"
|
|
},
|
|
"uuid": "b2b31911-5b7e-4df3-89c6-00b5b372fb4f",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Rogue Cellular Base Station (MOB-T1070)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "ef771e03-e080-43b4-a619-ac6f84899884"
|
|
},
|
|
"uuid": "51186ad6-e721-49cf-9cf7-89466d5f29f4",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Exploit TEE Vulnerability (MOB-T1008)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "f6fa0801-418e-43e5-bfae-332e909624fc",
|
|
"value": "Security Updates (MOB-M1001) mitigates Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "fd339382-bfec-4bf0-8d47-1caedc9e7e57"
|
|
},
|
|
"uuid": "d98a030f-c551-4fd0-9948-32e1ea01f79c",
|
|
"value": "Security Updates (MOB-M1001) mitigates Malicious Web Content (MOB-T1059)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "41e3fd01-7b83-471f-835d-d2b1dc9a770c",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "9d7ac1b2-3fa9-4236-b72d-5565f0c66eab",
|
|
"value": "Twitoor (MOB-S0018) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d89c132d-7752-4c7f-9372-954a71522985",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "2cdd5474-620c-499e-8b9c-835505febc2c",
|
|
"value": "Trojan-SMS.AndroidOS.OpFake.a (MOB-S0024) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "7b1cf46f-784b-405a-a8dd-4624c19d8321",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "0977107c-9dd3-4cc5-b769-7e29da9f4bb6",
|
|
"value": "System Partition Integrity (MOB-M1004) mitigates Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20d56cd6-8dff-4871-9889-d32d254816de",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "aa8e45c2-4276-451b-b1eb-59c396bf720a",
|
|
"value": "Gooligan (MOB-S0006) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "5f6f5913-cade-4b14-aa96-5a921b0927a7",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "fa1da6db-da32-45d2-98a8-6bbe153166da",
|
|
"value": "AndroRAT (MOB-S0008) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8ccd428d-39da-4e8f-a55b-d48ea1d56e58",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "ef7f8f51-6aea-4f5c-9c96-f353a14cf062",
|
|
"value": "Lock Bootloader (MOB-M1003) mitigates Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "8f0e39c6-82c9-41ec-9f93-5696c0f2e274"
|
|
},
|
|
"uuid": "d6930d98-f8a2-4556-baa4-95275d3fa23d",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Premium SMS Toll Fraud (MOB-T1051)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "3dd58c80-4c2e-458c-9503-1b2cd273c4d2"
|
|
},
|
|
"uuid": "dfc1f490-f8b9-4287-8c79-652d42f0a64a",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates User Interface Spoofing (MOB-T1014)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "3d24d88e-a0ab-42c6-8e8f-11f721082bba",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "a8079e6a-ef87-4e3b-9f71-cf1ea2360892",
|
|
"value": "Adups (MOB-S0025) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1",
|
|
"target-uuid": "a93ccb8f-3996-42e2-b7c7-bb599d4e205f"
|
|
},
|
|
"uuid": "5f82db63-d7c2-43c7-a056-3cf718201ced",
|
|
"value": "DroidJack RAT (MOB-S0036) uses Repackaged Application (MOB-T1047)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "63e67cba-4eae-4495-8897-2610103a0c41",
|
|
"value": "Pegasus (MOB-S0005) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "936be60d-90eb-4c36-9247-4b31128432c4",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "3c291ee5-1782-4e5b-8131-5188c7388f45",
|
|
"value": "RuMMS (MOB-S0029) uses Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "b28c1e81-4f78-4e40-9899-2872cdbcceba",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "d9e88203-2b5d-405f-a406-2933b1e3d7e4"
|
|
},
|
|
"uuid": "c5b80ca7-eceb-43ea-991e-10af5d9ca4bc",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Encrypt Files for Ransom (MOB-T1074)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "3bc1f0ad-ef11-4afc-83c0-fcffe08d4e50",
|
|
"target-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9"
|
|
},
|
|
"uuid": "b596251a-73db-4e53-a04d-51be783b0241",
|
|
"value": "KeyRaider (MOB-S0004) uses Network Traffic Capture or Redirection (MOB-T1013)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "14143e21-51bf-4fa7-a949-d22a8271f590",
|
|
"value": "RCSAndroid (MOB-S0011) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9"
|
|
},
|
|
"uuid": "ee0afd88-a0fc-4b1d-b047-9b9bf04d36fe",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Network Traffic Capture or Redirection (MOB-T1013)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "bd4d32f5-eed4-4018-a649-40b229dd1d69"
|
|
},
|
|
"uuid": "19df76ee-fa85-43cf-96ce-422d46f29a13",
|
|
"value": "Pegasus for Android (MOB-S0032) uses App Auto-Start at Device Boot (MOB-T1005)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "1f96d624-8409-4472-ad8a-30618ee6b2e2"
|
|
},
|
|
"uuid": "0673ca70-d403-4e49-8e18-de4bf8ab700c",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates App Delivered via Email Attachment (MOB-T1037)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "0f7e7c29-43f0-4aff-ae83-dfff331915ef",
|
|
"value": "SpyNote RAT (MOB-S0021) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "1f96d624-8409-4472-ad8a-30618ee6b2e2"
|
|
},
|
|
"uuid": "bf859944-d097-45ba-ae01-2f85a00cad1f",
|
|
"value": "User Guidance (MOB-M1011) mitigates App Delivered via Email Attachment (MOB-T1037)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e",
|
|
"target-uuid": "76c12fc8-a4eb-45d6-a3b7-e371a7248f69"
|
|
},
|
|
"uuid": "6086e1e2-1b39-4ff2-910e-4a4eb86d57b7",
|
|
"value": "BrainTest (MOB-S0009) uses Manipulate App Store Rankings or Ratings (MOB-T1055)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8ccd428d-39da-4e8f-a55b-d48ea1d56e58",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "3230c032-17e0-49f7-b948-c157049aafe2",
|
|
"value": "Lock Bootloader (MOB-M1003) mitigates Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "0bcc4ec1-a897-49a9-a9ff-c00df1d1209d"
|
|
},
|
|
"uuid": "9e77b80d-4981-4908-9203-c4e7cea5b5d8",
|
|
"value": "Pegasus (MOB-S0005) uses Malicious SMS Message (MOB-T1057)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "2204c371-6100-4ae0-82f3-25c07c29772a"
|
|
},
|
|
"uuid": "55f12292-dc9d-4bfd-9de9-2d07cd67b044",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Abuse Accessibility Features (MOB-T1056)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "7baa3cab-c4f8-4b91-a6c3-189ad7a6416c",
|
|
"value": "Pegasus (MOB-S0005) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "e2ee6825-43c2-441f-ba96-404a330a9059",
|
|
"value": "Charger (MOB-S0039) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e944670c-d03a-4e93-a21c-b3d4c53ec4c9",
|
|
"target-uuid": "82f04b1e-5371-4a6f-be06-411f0f43b483"
|
|
},
|
|
"uuid": "3c2d7ccc-5980-4012-8aab-64979bcd0ea6",
|
|
"value": "Caution with Device Administrator Access (MOB-M1007) mitigates Abuse Device Administrator Access to Prevent Removal (MOB-T1004)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a"
|
|
},
|
|
"uuid": "b4e055cf-f77e-4888-9610-6cd328e035c8",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Obfuscated or Encrypted Payload (MOB-T1009)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "554ec347-c8b2-43da-876b-36608dcc543d",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20d56cd6-8dff-4871-9889-d32d254816de",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "a25d58af-dbb3-4025-b91d-898c6adffcb3",
|
|
"value": "Gooligan (MOB-S0006) uses Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "1b51f5bc-b97a-498a-8dbd-bc6b1901bf19"
|
|
},
|
|
"uuid": "6c0491ee-53e0-44ae-bcd0-253fc47de61e",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Process Discovery (MOB-T1027)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "393e8c12-a416-4575-ba90-19cc85656796"
|
|
},
|
|
"uuid": "b5097495-f417-46ed-88e2-02cba2371936",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Eavesdrop on Insecure Network Communication (MOB-T1042)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "f9e4f526-ac9d-4df5-8949-833a82a1d2df"
|
|
},
|
|
"uuid": "aa23a2c6-ed8a-4453-95d1-f9a47e14b0f9",
|
|
"value": "User Guidance (MOB-M1011) mitigates Malicious or Vulnerable Built-in Device Functionality (MOB-T1076)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "317a2c10-d489-431e-b6b2-f0251fddc88e",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "ed06f5dc-9d02-4896-a0a3-2f457c64f125",
|
|
"value": "Dendroid (MOB-S0017) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "a4b53160-fdb8-4cab-90cc-ad12ab13a8a0",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a15c9357-2be0-4836-beec-594f28b9b4a9",
|
|
"target-uuid": "51aedbd6-2837-4d15-aeb0-cb09f2bf22ac"
|
|
},
|
|
"uuid": "c5d6fb25-1782-44c4-b3ae-0cd72e8a6d37",
|
|
"value": "YiSpecter (MOB-S0027) uses Abuse of iOS Enterprise App Signing Key (MOB-T1048)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "910009da-65c0-4e6a-aeb2-386c643d1c0e",
|
|
"value": "DroidJack RAT (MOB-S0036) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "1f96d624-8409-4472-ad8a-30618ee6b2e2"
|
|
},
|
|
"uuid": "fb371daf-2771-488f-90ca-5e08b9a36c5c",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses App Delivered via Email Attachment (MOB-T1037)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "dfe29258-ce59-421c-9dee-e85cb9fa90cd"
|
|
},
|
|
"uuid": "37c4a0cf-0552-46fd-b067-419b15833044",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Lockscreen Bypass (MOB-T1064)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "936be60d-90eb-4c36-9247-4b31128432c4",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "29dc105c-0b1b-4645-85ef-436c096bd3e2",
|
|
"value": "RuMMS (MOB-S0029) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "77e30eee-fd48-40b4-99ec-73e97c158b58"
|
|
},
|
|
"uuid": "5b9a54cd-4925-4a2b-ad61-27d70e673093",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Android Intent Hijacking (MOB-T1019)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9"
|
|
},
|
|
"uuid": "8ccfab20-58cf-4af6-9fb0-6bbf59258ac9",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Network Traffic Capture or Redirection (MOB-T1013)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "23040c15-e7d8-47b5-8c16-8fd3e0e297fe",
|
|
"target-uuid": "22379609-a99f-4a01-bd7e-70f3e105859d"
|
|
},
|
|
"uuid": "ffc24804-42db-4be1-a418-7f5ab9de453c",
|
|
"value": "NotCompatible (MOB-S0015) uses Exploit Enterprise Resources (MOB-T1031)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "00b20e5c-5f52-4a07-bfec-e30872e793e3",
|
|
"value": "Security Updates (MOB-M1001) mitigates Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "5012c647-9b58-4a4f-b64f-468c9b76a60c",
|
|
"value": "SpyNote RAT (MOB-S0021) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "936be60d-90eb-4c36-9247-4b31128432c4",
|
|
"target-uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2"
|
|
},
|
|
"uuid": "e3a03a80-0e31-43ef-b802-d6f65c44896d",
|
|
"value": "RuMMS (MOB-S0029) uses App Delivered via Web Download (MOB-T1034)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "450a1b75-efa5-4d7a-bcd5-d3e63723b408",
|
|
"value": "Pegasus (MOB-S0005) uses Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "89fcd02f-62dc-40b9-a54b-9ac4b1baef05"
|
|
},
|
|
"uuid": "05c87985-4f8a-4a38-b1cd-ab01f0a628ed",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Device Type Discovery (MOB-T1022)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "a93ccb8f-3996-42e2-b7c7-bb599d4e205f"
|
|
},
|
|
"uuid": "634e2691-341f-4e5b-83e7-e28369d88c64",
|
|
"value": "User Guidance (MOB-M1011) mitigates Repackaged Application (MOB-T1047)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "cf28ca46-1fd3-46b4-b1f6-ec0b72361848"
|
|
},
|
|
"uuid": "7260c8fe-6b3b-48a2-889f-f329fb5b4ef0",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates File and Directory Discovery (MOB-T1023)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "980c49f8-d991-4e1f-8feb-6173e3dfca1f",
|
|
"value": "AndroRAT (MOB-S0008) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "51aedbd6-2837-4d15-aeb0-cb09f2bf22ac"
|
|
},
|
|
"uuid": "49fe6eac-73a7-4147-9121-85fb71fca4ed",
|
|
"value": "User Guidance (MOB-M1011) mitigates Abuse of iOS Enterprise App Signing Key (MOB-T1048)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "cfa1d194-7401-46ba-bfed-5f311aeb22d3",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "c91c304a-975d-4501-9789-0db1c57afd3f"
|
|
},
|
|
"uuid": "047ab474-c4ec-4675-a817-1e0a9f8dd92f",
|
|
"value": "Security Updates (MOB-M1001) mitigates Exploit Baseband Vulnerability (MOB-T1058)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "0e9edc13-7af7-43c4-8ec2-636b1f8cb7f1",
|
|
"value": "BrainTest (MOB-S0009) uses Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2"
|
|
},
|
|
"uuid": "cdb1ed75-d8a5-4088-b282-0b85588bbc8c",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates App Delivered via Web Download (MOB-T1034)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "ca4f63b9-a358-4214-bb26-8c912318cfde",
|
|
"target-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a"
|
|
},
|
|
"uuid": "b67f04d9-1cbd-49b4-9ec3-a33a41ac42ab",
|
|
"value": "OBAD (MOB-S0002) uses Obfuscated or Encrypted Payload (MOB-T1009)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "f9e4f526-ac9d-4df5-8949-833a82a1d2df"
|
|
},
|
|
"uuid": "3baf01c5-591b-43a0-8963-506531313e68",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Malicious or Vulnerable Built-in Device Functionality (MOB-T1076)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a1867c56-8c86-455a-96ad-b0d5f7e2bc17",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "319d46b5-de41-4f23-9001-2fa75f954720",
|
|
"value": "Trojan-SMS.AndroidOS.Agent.ao (MOB-S0023) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "45dcbc83-4abc-4de1-b643-e528d1e9df09"
|
|
},
|
|
"uuid": "1a62c9c7-2d3b-4ee7-87d1-d8774050c566",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Biometric Spoofing (MOB-T1063)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "34351abd-1f58-420a-a893-ad822839815d",
|
|
"value": "Pegasus (MOB-S0005) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "f296fc9c-2ff5-43ee-941e-6b49c438270a"
|
|
},
|
|
"uuid": "fa7b38df-eedc-469b-bcec-facdd8365231",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Device Unlock Code Guessing or Brute Force (MOB-T1062)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "0791f28b-d06f-4fee-9cdb-85a6fd2eed61",
|
|
"value": "WireLurker (MOB-S0028) uses Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "8f0e39c6-82c9-41ec-9f93-5696c0f2e274"
|
|
},
|
|
"uuid": "4caf3ad1-6ef8-42de-851d-bdc3a22977b3",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Premium SMS Toll Fraud (MOB-T1051)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "b3c2e5de-0941-4b57-ba61-af029eb5517a"
|
|
},
|
|
"uuid": "c83c84e8-a556-4efe-ae24-75970ee8ad4b",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Alternate Network Mediums (MOB-T1041)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "a9cab8f6-4c94-4c9b-9e7d-9d863ff53431"
|
|
},
|
|
"uuid": "3a9467d4-09df-4266-ba5a-d40309949e70",
|
|
"value": "Security Updates (MOB-M1001) mitigates Malicious Media Content (MOB-T1060)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9"
|
|
},
|
|
"uuid": "6407562a-d297-43cd-95df-aec9cf501ce2",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Network Traffic Capture or Redirection (MOB-T1013)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "b765efd1-02e6-4e67-aebf-0fef5c37e54b"
|
|
},
|
|
"uuid": "0e81eb1d-cd1e-43e1-8c09-03927681ce76",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Detect App Analysis Environment (MOB-T1043)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "e183af70-44d5-4d56-9aad-753eb4c1c964",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "5ddf81ea-2c06-497b-8c30-5f1ab89a40f9",
|
|
"target-uuid": "8f0e39c6-82c9-41ec-9f93-5696c0f2e274"
|
|
},
|
|
"uuid": "5a6df1dd-9aa4-4f67-9195-8c3a9f5c0f7a",
|
|
"value": "MazarBOT (MOB-S0019) uses Premium SMS Toll Fraud (MOB-T1051)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "a0464539-e1b7-4455-a355-12495987c300"
|
|
},
|
|
"uuid": "86696d32-0af7-4308-b1fe-52306b9f839a",
|
|
"value": "User Guidance (MOB-M1011) mitigates Attack PC via USB Connection (MOB-T1030)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "92333055-88ce-4db2-a589-e0e1e617d8e0",
|
|
"value": "Security Updates (MOB-M1001) mitigates Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "62adb627-f647-498e-b4cc-41499361bacb"
|
|
},
|
|
"uuid": "a7b276ac-6f07-4d1f-8d24-dc5682acf62d",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Access Calendar Entries (MOB-T1038)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "3c3b55a6-c3e9-4043-8aae-283fe96220c0",
|
|
"target-uuid": "b765efd1-02e6-4e67-aebf-0fef5c37e54b"
|
|
},
|
|
"uuid": "eb686f55-85de-42d8-a5a1-69a78af0f1f3",
|
|
"value": "ZergHelper (MOB-S0003) uses Detect App Analysis Environment (MOB-T1043)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "a8c31121-852b-46bd-9ba4-674ae5afe7ad"
|
|
},
|
|
"uuid": "7b899be0-4a9c-4e52-aeab-d8acedfe26d0",
|
|
"value": "User Guidance (MOB-M1011) mitigates Malicious Third Party Keyboard App (MOB-T1020)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "96027d55-0bdb-4f5f-a559-66c93eab3a17",
|
|
"value": "Security Updates (MOB-M1001) mitigates Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c709da93-20c3-4d17-ab68-48cba76b2137",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "27247071-356b-4b5f-bc8f-6436a3fec095",
|
|
"value": "PJApps (MOB-S0007) uses Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4"
|
|
},
|
|
"uuid": "d22dc053-24a7-4a5b-ae51-8a626569ec9b",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Location Tracking (MOB-T1033)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "7d481598-ece7-469c-b231-619a804c25e5",
|
|
"value": "Pegasus (MOB-S0005) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b",
|
|
"target-uuid": "c4b96c0b-cb58-497a-a1c2-bb447d79d692"
|
|
},
|
|
"uuid": "9e3921a8-a9e1-48c4-9b61-ff190c104f63",
|
|
"value": "RCSAndroid (MOB-S0011) uses Capture Clipboard Data (MOB-T1017)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "3911658a-6506-4deb-9ab4-595a51ae71ad"
|
|
},
|
|
"uuid": "7c966cde-22fd-4eb2-b518-3e37a8fad88b",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Commonly Used Port (MOB-T1039)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "fb3fa94a-3aee-4ab0-b7e7-abdf0a51286d"
|
|
},
|
|
"uuid": "dc6eb5d7-acef-4eb4-bece-4e8c90c914dc",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Exploit SS7 to Redirect Phone Calls/SMS (MOB-T1052)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "833b4c44-7370-4b27-b9b2-a058c27dcf8c",
|
|
"value": "Xbot (MOB-S0014) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8",
|
|
"target-uuid": "633baf01-6de4-4963-bb54-ff6c6357bed3"
|
|
},
|
|
"uuid": "4df969b3-f5a0-4802-b87e-a458e3e439ed",
|
|
"value": "Encrypt Network Traffic (MOB-M1009) mitigates Rogue Wi-Fi Access Points (MOB-T1068)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20d56cd6-8dff-4871-9889-d32d254816de",
|
|
"target-uuid": "f981d199-2720-467e-9dc9-eea04dbe05cf"
|
|
},
|
|
"uuid": "42ae42eb-ea75-457a-bf39-4ea04304dd0b",
|
|
"value": "Gooligan (MOB-S0006) uses Generate Fraudulent Advertising Revenue (MOB-T1075)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "d7ae7fb1-c363-4969-a4af-e2dd44a3c064",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "69718f1d-7761-41ae-b9d0-12c45f6b4ac4",
|
|
"value": "Pegasus (MOB-S0005) uses Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "b332a960-3c04-495a-827f-f17a5daed3a6"
|
|
},
|
|
"uuid": "15a2702e-4e49-4255-909d-bbf94abfd1d7",
|
|
"value": "Security Updates (MOB-M1001) mitigates Disguise Root/Jailbreak Indicators (MOB-T1011)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "2204c371-6100-4ae0-82f3-25c07c29772a"
|
|
},
|
|
"uuid": "077da2d7-0913-4040-b25e-2f6913ed4ea0",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Abuse Accessibility Features (MOB-T1056)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "29e07491-8947-43a3-8d4e-9a787c45f3d3"
|
|
},
|
|
"uuid": "c761ed82-24cc-4c40-94ef-c4d0f4d1cd7a",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Access Sensitive Data in Device Logs (MOB-T1016)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "f9e4f526-ac9d-4df5-8949-833a82a1d2df"
|
|
},
|
|
"uuid": "1a493cb6-452f-46ce-a7b4-267eacd5d2ff",
|
|
"value": "Security Updates (MOB-M1001) mitigates Malicious or Vulnerable Built-in Device Functionality (MOB-T1076)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "2bedbf86-2ef0-45bf-950d-b9d072c03bdc",
|
|
"value": "Android/Chuli.A (MOB-S0020) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "02b3c8fe-1539-4c77-b67e-07fa8a22c91e",
|
|
"value": "BrainTest (MOB-S0009) uses Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "93a524e2-cb17-4b40-8640-a03949e89775",
|
|
"value": "Security Updates (MOB-M1001) mitigates Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44"
|
|
},
|
|
"uuid": "4f366c8c-9c70-44ed-baa8-d433d5dbfe49",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Access Call Log (MOB-T1036)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "29e07491-8947-43a3-8d4e-9a787c45f3d3"
|
|
},
|
|
"uuid": "b23ec81b-8610-4bb0-a837-2c316c67fa79",
|
|
"value": "Security Updates (MOB-M1001) mitigates Access Sensitive Data in Device Logs (MOB-T1016)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "88932a8c-3a17-406f-9431-1da3ff19f6d6"
|
|
},
|
|
"uuid": "72d7fa07-e559-4e35-b791-64b7bf8a0aef",
|
|
"value": "Security Updates (MOB-M1001) mitigates Modify cached executable code (MOB-T1006)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4",
|
|
"target-uuid": "d9e88203-2b5d-405f-a406-2933b1e3d7e4"
|
|
},
|
|
"uuid": "70f8cbed-b20d-4ff2-ad02-8d78e7d49159",
|
|
"value": "Xbot (MOB-S0014) uses Encrypt Files for Ransom (MOB-T1074)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "3dd58c80-4c2e-458c-9503-1b2cd273c4d2"
|
|
},
|
|
"uuid": "095f71ad-9a93-45ce-9b77-a101f6c894de",
|
|
"value": "Application Vetting (MOB-M1005) mitigates User Interface Spoofing (MOB-T1014)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "a21a6a79-f9a1-4c87-aed9-ba2d79536881"
|
|
},
|
|
"uuid": "aaf0ae2f-07ea-479e-8419-e524e23dbaef",
|
|
"value": "User Guidance (MOB-M1011) mitigates Stolen Developer Credentials or Signing Keys (MOB-T1044)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "831e3269-da49-48ac-94dc-948008e8fd16"
|
|
},
|
|
"uuid": "8f7c14bf-4c0f-4e54-99c2-41b511220b33",
|
|
"value": "User Guidance (MOB-M1011) mitigates Remotely Install Application (MOB-T1046)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "28e39395-91e7-4f02-b694-5e079c964da9",
|
|
"target-uuid": "6a3f6490-9c44-40de-b059-e5940f246673"
|
|
},
|
|
"uuid": "54151897-cc7e-4f92-af50-bed41ea78d92",
|
|
"value": "Trojan-SMS.AndroidOS.FakeInst.a (MOB-S0022) uses Standard Application Layer Protocol (MOB-T1040)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c80a6bef-b3ce-44d0-b113-946e93124898",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "18afa4ad-4fd7-47ad-acdb-3b298b640d3c",
|
|
"value": "Shedun (MOB-S0010) uses Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "702055ac-4e54-4ae9-9527-e23a38e0b160"
|
|
},
|
|
"uuid": "7ec08d5c-73a1-4444-bd27-892090d6b2e3",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Access Sensitive Data or Credentials in Files (MOB-T1012)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bef4c620-0787-42a8-a96d-b7eb6e85917c",
|
|
"target-uuid": "56660521-6db4-4e5a-a927-464f22954b7c"
|
|
},
|
|
"uuid": "3e3cad6c-dd73-43c9-bf99-d4796ba97fb1",
|
|
"value": "APT28 (G0007) uses X-Agent (MOB-S0030)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "11bd699b-f2c2-4e48-bf46-fb3f8acd9799"
|
|
},
|
|
"uuid": "c2437c8b-709f-47e8-ae65-21ae48410a9e",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Insecure Third-Party Libraries (MOB-T1028)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950",
|
|
"target-uuid": "b765efd1-02e6-4e67-aebf-0fef5c37e54b"
|
|
},
|
|
"uuid": "7e4be913-d916-4a79-ac00-262a49afe070",
|
|
"value": "Charger (MOB-S0039) uses Detect App Analysis Environment (MOB-T1043)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "b6d3657a-2d6a-400f-8b7e-4d60391aa1f7",
|
|
"target-uuid": "3dd58c80-4c2e-458c-9503-1b2cd273c4d2"
|
|
},
|
|
"uuid": "3faed885-6a3d-444f-8e57-fd8818abb1cc",
|
|
"value": "AndroidOverlayMalware (MOB-S0012) uses User Interface Spoofing (MOB-T1014)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "d4536441-1bcc-49fa-80ae-a596ed3f7ffd"
|
|
},
|
|
"uuid": "513c05e2-afc6-4d1b-8a8e-6d6935a8626f",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Local Network Configuration Discovery (MOB-T1025)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564",
|
|
"target-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172"
|
|
},
|
|
"uuid": "08e7c0ad-f2d7-472c-97de-3627ca5d2991",
|
|
"value": "Use Recent OS Version (MOB-M1006) mitigates Exploit OS Vulnerability (MOB-T1007)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "e0ebf0cd-9244-4cef-9171-128a12b87b58",
|
|
"value": "SpyNote RAT (MOB-S0021) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "e84ad4b0-9f7a-48a5-89ae-33804b11eb56",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93",
|
|
"target-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce"
|
|
},
|
|
"uuid": "aaf55dd1-33df-4f02-8025-eaae01f30b33",
|
|
"value": "AndroRAT (MOB-S0008) uses Access Contact List (MOB-T1035)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee",
|
|
"target-uuid": "b928b94a-4966-4e2a-9e61-36505b896ebc"
|
|
},
|
|
"uuid": "9adde9d7-4ba0-4e35-93ba-1e85e9eb16bc",
|
|
"value": "Enterprise Policy (MOB-M1012) mitigates Malicious Software Development Tools (MOB-T1065)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "5ddf81ea-2c06-497b-8c30-5f1ab89a40f9",
|
|
"target-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060"
|
|
},
|
|
"uuid": "721cc30c-74cf-4eed-89a8-7a8e63e6c0e1",
|
|
"value": "MazarBOT (MOB-S0019) uses Capture SMS Messages (MOB-T1015)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "95f4db59-e0b4-4c1b-b888-1fc76b21e8c0",
|
|
"value": "User Guidance (MOB-M1011) mitigates Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "c709da93-20c3-4d17-ab68-48cba76b2137",
|
|
"target-uuid": "8f0e39c6-82c9-41ec-9f93-5696c0f2e274"
|
|
},
|
|
"uuid": "4454a696-7619-40ee-971b-cbf646e4ee61",
|
|
"value": "PJApps (MOB-S0007) uses Premium SMS Toll Fraud (MOB-T1051)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1"
|
|
},
|
|
"uuid": "bebf345c-21d5-410f-9015-90c144161e5d",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Lock User Out of Device (MOB-T1049)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4",
|
|
"target-uuid": "3dd58c80-4c2e-458c-9503-1b2cd273c4d2"
|
|
},
|
|
"uuid": "1cca5e17-80ae-4b6e-8919-2768153aa966",
|
|
"value": "Xbot (MOB-S0014) uses User Interface Spoofing (MOB-T1014)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "507fe748-5e4a-4b45-9e9f-8b1115f4e878",
|
|
"target-uuid": "667e5707-3843-4da8-bd34-88b922526f0d"
|
|
},
|
|
"uuid": "b7282bf9-63f8-49ad-8ee0-f2ad523a367e",
|
|
"value": "DualToy (MOB-S0031) uses Exploit via Charging Station or PC (MOB-T1061)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d",
|
|
"target-uuid": "c5089859-b21f-40a3-8be4-63e381b8b1c0"
|
|
},
|
|
"uuid": "aa39b402-7ecc-4057-a989-663887e540e7",
|
|
"value": "Security Updates (MOB-M1001) mitigates Modify System Partition (MOB-T1003)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c",
|
|
"target-uuid": "b3c2e5de-0941-4b57-ba61-af029eb5517a"
|
|
},
|
|
"uuid": "f6098dca-3a9e-4991-8d51-1310b12161b6",
|
|
"value": "Pegasus for Android (MOB-S0032) uses Alternate Network Mediums (MOB-T1041)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23",
|
|
"target-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760"
|
|
},
|
|
"uuid": "bf2ea132-c8f3-4ea0-8c4c-bdc95923c3b1",
|
|
"value": "SpyNote RAT (MOB-S0021) uses Microphone or Camera Recordings (MOB-T1032)"
|
|
},
|
|
{
|
|
"meta": {
|
|
"source-uuid": "1553b156-6767-47f7-9eb4-2a692505666d",
|
|
"target-uuid": "6c49d50f-494d-4150-b774-a655022d20a6"
|
|
},
|
|
"uuid": "94a737af-9a72-48f6-a85e-d9d7fa93bfdd",
|
|
"value": "Application Vetting (MOB-M1005) mitigates Download New Code at Runtime (MOB-T1010)"
|
|
}
|
|
]
|
|
}
|