S0304 Android/Chuli.A
Android/Chuli.A is Android malware that was delivered to activist groups via a spearphishing email with an attachment. 1
| Item | Value |
|---|---|
| ID | S0304 |
| Associated Names | |
| Type | MALWARE |
| Version | 1.2 |
| Created | 25 October 2017 |
| Last Modified | 15 October 2019 |
| Navigation Layer | View In ATT&CK® Navigator |
Techniques Used
| Domain | ID | Name | Use |
|---|---|---|---|
| mobile | T1433 | Access Call Log | Android/Chuli.A stole call logs.1 |
| mobile | T1432 | Access Contact List | Android/Chuli.A stole contact list data stored both on the the phone and the SIM card.1 |
| mobile | T1438 | Alternate Network Mediums | Android/Chuli.A used SMS to receive command and control messages.1 |
| mobile | T1412 | Capture SMS Messages | Android/Chuli.A stole SMS message content.1 |
| mobile | T1476 | Deliver Malicious App via Other Means | Android/Chuli.A was delivered via a spearphishing message containing a malicious Android application as an attachment.1 |
| mobile | T1430 | Location Tracking | Android/Chuli.A stole geo-location data.1 |
| mobile | T1437 | Standard Application Layer Protocol | Android/Chuli.A used HTTP uploads to a URL as a command and control mechanism.1 |
| mobile | T1426 | System Information Discovery | Android/Chuli.A gathered system information including phone number, OS version, phone model, and SDK version.1 |