MoVP II - 3.4 - Checking the ARM (Android) System Call Table and Exception Vector Table for Signs of Rootkits
Tags
attack-pattern: Data Direct Hardware - T1592.001 Hooking - T1617 Python - T1059.006 Trap - T1546.005 Hooking - T1179 Trap - T1154 Hooking
Show in Graph
Common Information
Type Value
UUID ae4eab49-0efc-4bde-987a-566a20ae4ea8
Fingerprint 239ab93a9d60d70c
Analysis status DONE
Considered CTI value 0
Text language
Published June 3, 2013, 1:20 p.m.
Added to db Jan. 18, 2023, 10:43 p.m.
Last updated Nov. 12, 2024, 8:53 a.m.
Headline Volatility Labs
Title MoVP II - 3.4 - Checking the ARM (Android) System Call Table and Exception Vector Table for Signs of Rootkits
Detected Hints/Tags/Attributes 22/1/2
Source URLs
Redirection Url
Details Source https://volatility-labs.blogspot.com/2013/06/movp-ii-34-checking-arm-android-system.html
URL Provider
Details Provider Source level domain
Details blogspot.com volatility-labs.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 89 
vol.py
Details File 85 
vol.py