216.73.216.170

T1645: Compromise Client Software Binary

View on MITRE ATT&CK The MITRE Corporation · Published 30/03/2022 21:53 · Modified 27/03/2026 01:41

Essential information

MITRE technique ID
T1645
Confidence
100/100
Revoked
No
Published
30/03/2022 21:53
Modified
27/03/2026 01:41
Author / Source
The MITRE Corporation

Platforms

android iOS

Description

Adversaries may modify system software binaries to establish persistent access to devices. System software binaries are used by the underlying operating system and users over adb or terminal emulators. Adversaries may make modifications to client software binaries to carry out malicious tasks when those binaries are executed. For example, malware may come with a pre-compiled malicious binary intended to overwrite the genuine one on the device. Since these binaries may be routinely executed by the system or user, the adversary can leverage this for persistent access to the device.

Kill chain phases

Kill chainPhase
mitre-mobile-attack persistence

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references