Screen Capture (T1513)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Screen Capture

Associated Tactics

  • Collection

Collection (TA0035)

The adversary is trying to gather data of interest to their goal. Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. This category also covers locations on a system or network where the adversary may look for information to exfiltrate.

View on ATT&CK

Procedure Examples

Description Source(s)
Android Developers. (n.d.). Android Debug Bridge (adb). Retrieved August 8, 2019. Android ScreenCap2 2019
Android Developers. (n.d.). Android MediaProjectionManager. Retrieved August 8, 2019. Android ScreenCap1 2019
Bauer A., Kumar A., Hebeisen C., et al. (2019, July). Monokle: The Mobile Surveillance Tooling of the Special Technology Center. Retrieved September 4, 2019. Lookout-Monokle
Dario Durando. (2019, July 3). BianLian: A New Wave Emerges. Retrieved September 4, 2019. Fortinet screencap July 2019
Zhang, V. (2015, July 21). Hacking Team RCSAndroid Spying Tool Listens to Calls; Roots Devices to Get In. Retrieved August 8, 2019. Trend Micro ScreenCap July 2015
NIST Mobile Threat Catalogue