Skip to content

S0535 Golden Cup

Golden Cup is Android spyware that has been used to target World Cup fans.1

Item Value
ID S0535
Associated Names
Version 1.0
Created 20 November 2020
Last Modified 22 December 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1432 Access Contact List Golden Cup can collect the device’s contact list.1
mobile T1418 Application Discovery Golden Cup can obtain a list of installed applications.1
mobile T1429 Capture Audio Golden Cup can record audio from the microphone and phone calls.1
mobile T1512 Capture Camera Golden Cup can take pictures with the camera.1
mobile T1412 Capture SMS Messages Golden Cup can collect sent and received SMS messages.1
mobile T1532 Data Encrypted Golden Cup has encrypted exfiltrated data using AES in ECB mode.1
mobile T1533 Data from Local System Golden Cup can collect images, videos, and attacker-specified files.1
mobile T1475 Deliver Malicious App via Authorized App Store Golden Cup has been distributed via the Google Play Store.1
mobile T1407 Download New Code at Runtime Golden Cup has been distributed in two stages.1
mobile T1420 File and Directory Discovery Golden Cup can collect a directory listing of external storage.1
mobile T1430 Location Tracking Golden Cup can track the device’s location.1
mobile T1437 Standard Application Layer Protocol Golden Cup has communicated with the C2 using MQTT and HTTP.1
mobile T1426 System Information Discovery Golden Cup can collect various pieces of device information, such as serial number and product information.1
mobile T1422 System Network Configuration Discovery Golden Cup can collect the device’s phone number and IMSI.1


Back to top