Skip to content

Hide Navigation Hide TOC

Chrysaor (9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8)

Chrysaor is spyware believed to be created by NSO Group Technologies, specializing in the creation and sale of software and infrastructure for targeted attacks. Chrysaor is believed to be related to the Pegasus spyware that was first identified on iOS and analyzed by Citizen Lab and Lookout.

Cluster A Galaxy A Cluster B Galaxy B Level
Chrysaor (9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8) Tool Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware 1
Chrysaor (9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8) Tool Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 1
Chrysaor (9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8) Tool Chrysaor (52acea22-7d88-433c-99e6-8fef1657e3ad) Malpedia 1
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Out of Band Data - T1644 (ec4c4baa-026f-43e8-8f56-58c36f3162dd) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Phishing - T1660 (defc1257-4db1-4fb3-8ef5-bb77f63146df) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Chrysaor (52acea22-7d88-433c-99e6-8fef1657e3ad) Malpedia 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Exploitation for Client Execution - T1658 (5abfc5e6-3c56-49e7-ad72-502d01acf28b) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 2
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware System Network Connections Discovery - T1421 (dd818ea5-adf5-41c7-93b5-f3b839a219fb) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Exploitation for Initial Access - T1664 (6ecbc2eb-e85a-440a-ab68-4d98f8d56fbe) Attack Pattern 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 2
Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) Attack Pattern Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware 2
Pegasus for iOS - S0289 (33d9d91d-aad9-49d5-a516-220ce101ac8a) Malware Drive-By Compromise - T1456 (fd339382-bfec-4bf0-8d47-1caedc9e7e57) Attack Pattern 2
Out of Band Data - T1644 (ec4c4baa-026f-43e8-8f56-58c36f3162dd) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) Attack Pattern 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) Attack Pattern 2
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Chrysaor (52acea22-7d88-433c-99e6-8fef1657e3ad) Malpedia Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 2
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922) Attack Pattern 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 2
Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern 2
Pegasus for Android - S0316 (93799a9d-3537-43d8-b6f4-17215de1657c) Malware System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) Attack Pattern 3
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) Attack Pattern 3
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) Attack Pattern 3
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 3
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922) Attack Pattern 3
Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 3
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) Attack Pattern 3