Skip to content

S0304 Android/Chuli.A

Android/Chuli.A is Android malware that was delivered to activist groups via a spearphishing email with an attachment. 1

Item Value
ID S0304
Associated Names
Version 1.2
Created 25 October 2017
Last Modified 15 October 2019
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1433 Access Call Log Android/Chuli.A stole call logs.1
mobile T1432 Access Contact List Android/Chuli.A stole contact list data stored both on the the phone and the SIM card.1
mobile T1438 Alternate Network Mediums Android/Chuli.A used SMS to receive command and control messages.1
mobile T1412 Capture SMS Messages Android/Chuli.A stole SMS message content.1
mobile T1476 Deliver Malicious App via Other Means Android/Chuli.A was delivered via a spearphishing message containing a malicious Android application as an attachment.1
mobile T1430 Location Tracking Android/Chuli.A stole geo-location data.1
mobile T1437 Standard Application Layer Protocol Android/Chuli.A used HTTP uploads to a URL as a command and control mechanism.1
mobile T1426 System Information Discovery Android/Chuli.A gathered system information including phone number, OS version, phone model, and SDK version.1


Back to top