eSurv

eSurv is mobile surveillanceware designed for the lawful intercept market that was developed over the course of many years.[1]

ID: S0507
Type: MALWARE
Platforms: Android, iOS
Version: 1.1
Created: 14 September 2020
Last Modified: 29 March 2024

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Mobile | T1429 | Audio Capture | eSurv can record audio.[1] |
| Mobile | T1533 | Data from Local System | eSurv can exfiltrate device pictures.[1] |
| Mobile | T1407 | Download New Code at Runtime | eSurv’s Android version is distributed in three stages: the dropper, the second stage payload, and the third stage payload which is Exodus.[1] |
| Mobile | T1521.002 | Encrypted Channel: Asymmetric Cryptography | eSurv’s Android version has used public key encryption for C2 communication.[1] |
| Mobile | T1521.003 | Encrypted Channel: SSL Pinning | eSurv’s Android version has used certificate pinning for C2 communication.[1] |
| Mobile | T1627.001 | Execution Guardrails: Geofencing | eSurv imposes geo-restrictions when delivering the second stage.[1] |
| Mobile | T1646 | Exfiltration Over C2 Channel | eSurv has exfiltrated data using HTTP PUT requests.[1] |
| Mobile | T1430 | Location Tracking | eSurv can track the device’s location.[1] |
| Mobile | T1636.003 | Protected User Data: Contact List | eSurv can exfiltrate the device’s contact list.[1] |
| Mobile | T1426 | System Information Discovery | eSurv’s iOS version can collect device information.[1] |

References
