Skip to content

S0304 Android/Chuli.A

Android/Chuli.A is Android malware that was delivered to activist groups via a spearphishing email with an attachment. 1

Item Value
ID S0304
Associated Names
Version 1.2
Created 25 October 2017
Last Modified 24 October 2022
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1437 Application Layer Protocol -
mobile T1437.001 Web Protocols Android/Chuli.A used HTTP uploads to a URL as a command and control mechanism.1
mobile T1430 Location Tracking Android/Chuli.A stole geo-location data.1
mobile T1644 Out of Band Data Android/Chuli.A used SMS to receive command and control messages.1
mobile T1636 Protected User Data -
mobile T1636.002 Call Log Android/Chuli.A stole call logs.1
mobile T1636.003 Contact List Android/Chuli.A stole contact list data stored both on the the phone and the SIM card.1
mobile T1636.004 SMS Messages Android/Chuli.A stole SMS message content.1
mobile T1426 System Information Discovery Android/Chuli.A gathered system information including phone number, OS version, phone model, and SDK version.1