Pulse Detail — Threat Intelligence

PULSE NAME

VirusTotal report for od-sugar-mail-email-app-mod-apk-pro-unlocked-1-4-329-329.apk

WHITE msudosos 2026-03-15 Modified: 2026-03-15

118

IOCs

HIGH VOLUME

I don't own an android. "not malicious" "Requests potentially dangerous permissions" smh. Defense Evasion T1421 System Network Connections Discovery confidence: medium T1422 System Network Configuration Discovery confidence: medium T1430 Location Tracking confidence: medium T1418 Software Discovery confidence: medium T1426 System Information Discovery confidence: medium T1424 Process Discovery confidence: medium Discovery T1430 Location Tracking confidence: medium T1518.001 Security Software Discovery confidence: low T1409 Stored Application Data confidence: medium Network Info

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1406 T1409 T1418 T1421 T1422 T1424 T1426 T1430 T1518

Indicators of Compromise (118)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname domain

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	fd92e86fa867d40e66545ce410dcf649	—	2026-03-15
FileHash-SHA1	4b1f6caa2adca194f37348f7ee5b3641f8125d42	—	2026-03-15
FileHash-SHA256	331ee06cd087d748f6c38be20fadb6749a679904632e758691b90155872b0047	—	2026-03-15
URL	https://hub.email2-cloud.com	—	2026-03-15
URL	https://hub.email2-cloud.com/oauth.html	—	2026-03-15
hostname	hub.email2-cloud.com	—	2026-03-15
URL	http://schemas.android.com/aapt	—	2026-03-15
URL	http://schemas.android.com/apk/res-auto	—	2026-03-15
URL	http://schemas.android.com/apk/res/android	—	2026-03-15
URL	http://schemas.android.com/apk/res/android##org.kman.email2.silly.SillyListView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android%%org.kman.email2.view.CategoryNameView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android%%org.kman.email2.view.ContactImageView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android--org.kman.email2.silly.SillySwipeRefreshLayout$$org.kman.	—	2026-03-15
URL	http://schemas.android.com/apk/res/android33org.kman.email2.contactpicker.ContactPagerIndicator33org	—	2026-03-15
URL	http://schemas.android.com/apk/res/android33org.kman.email2.prefs.AccountOptionsComposeFragment33org	—	2026-03-15
URL	http://schemas.xmlsoap.org/soap/envelope/	—	2026-03-15
URL	https://android.googlesource.com/toolchain/llvm-project	—	2026-03-15
URL	https://api.login.aol.com/oauth2/get_token	—	2026-03-15
URL	https://api.login.aol.com/oauth2/request_auth	—	2026-03-15
URL	https://api.login.aol.com/openid/v1/userinfo	—	2026-03-15
URL	https://api.login.yahoo.com/oauth2/get_token	—	2026-03-15
URL	https://api.login.yahoo.com/oauth2/request_auth	—	2026-03-15
URL	https://api.login.yahoo.com/openid/v1/userinfo	—	2026-03-15
URL	https://avatars.yandex.net/get-yapic/	—	2026-03-15
URL	https://foo.com/	—	2026-03-15
URL	https://goo.gl/NAOOOI	—	2026-03-15
URL	https://goo.gl/NAOOOI.	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/authorize	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/nativeclient	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/token	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/v2.0/authorize	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/v2.0/token	—	2026-03-15
URL	https://oauth.mail.ru/login	—	2026-03-15
URL	https://oauth.mail.ru/token	—	2026-03-15
URL	https://oauth.mail.ru/userinfo	—	2026-03-15
URL	https://outlook.office365.com/	—	2026-03-15
URL	https://outlook.office365.com/EWS.AccessAsUser.All	—	2026-03-15
URL	https://skymail.app/oauth.html	—	2026-03-15
URL	https://sugarmail.app	—	2026-03-15
URL	https://sugarmail.app/privacy.html	—	2026-03-15
URL	https://unsplash.com	—	2026-03-15
URL	https://ya.ru	—	2026-03-15
domain	foo.com	—	2026-03-15
domain	goo.gl	—	2026-03-15
domain	iy.bf	—	2026-03-15
domain	resizer.so	—	2026-03-15
domain	skymail.app	—	2026-03-15
domain	sugarmail.app	—	2026-03-15
domain	unsplash.com	—	2026-03-15
domain	ya.ru	—	2026-03-15
hostname	android.googlesource.com	—	2026-03-15
hostname	api.login.aol.com	—	2026-03-15
hostname	api.login.yahoo.com	—	2026-03-15
hostname	avatars.yandex.net	—	2026-03-15
hostname	login.microsoftonline.com	—	2026-03-15
hostname	oauth.mail.ru	—	2026-03-15
hostname	outlook.office365.com	—	2026-03-15
hostname	schemas.android.com	—	2026-03-15
hostname	schemas.xmlsoap.org	—	2026-03-15
FileHash-MD5	fd92e86fa867d40e66545ce410dcf649	—	2026-03-15
FileHash-SHA1	4b1f6caa2adca194f37348f7ee5b3641f8125d42	—	2026-03-15
FileHash-SHA256	331ee06cd087d748f6c38be20fadb6749a679904632e758691b90155872b0047	—	2026-03-15
URL	https://hub.email2-cloud.com	—	2026-03-15
URL	https://hub.email2-cloud.com/oauth.html	—	2026-03-15
hostname	hub.email2-cloud.com	—	2026-03-15
URL	http://schemas.android.com/aapt	—	2026-03-15
URL	http://schemas.android.com/apk/res-auto	—	2026-03-15
URL	http://schemas.android.com/apk/res/android	—	2026-03-15
URL	http://schemas.android.com/apk/res/android##org.kman.email2.silly.SillyListView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android%%org.kman.email2.view.CategoryNameView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android%%org.kman.email2.view.ContactImageView	—	2026-03-15
URL	http://schemas.android.com/apk/res/android--org.kman.email2.silly.SillySwipeRefreshLayout$$org.kman.	—	2026-03-15
URL	http://schemas.android.com/apk/res/android33org.kman.email2.contactpicker.ContactPagerIndicator33org	—	2026-03-15
URL	http://schemas.android.com/apk/res/android33org.kman.email2.prefs.AccountOptionsComposeFragment33org	—	2026-03-15
URL	http://schemas.xmlsoap.org/soap/envelope/	—	2026-03-15
URL	https://android.googlesource.com/toolchain/llvm-project	—	2026-03-15
URL	https://api.login.aol.com/oauth2/get_token	—	2026-03-15
URL	https://api.login.aol.com/oauth2/request_auth	—	2026-03-15
URL	https://api.login.aol.com/openid/v1/userinfo	—	2026-03-15
URL	https://api.login.yahoo.com/oauth2/get_token	—	2026-03-15
URL	https://api.login.yahoo.com/oauth2/request_auth	—	2026-03-15
URL	https://api.login.yahoo.com/openid/v1/userinfo	—	2026-03-15
URL	https://avatars.yandex.net/get-yapic/	—	2026-03-15
URL	https://foo.com/	—	2026-03-15
URL	https://goo.gl/NAOOOI	—	2026-03-15
URL	https://goo.gl/NAOOOI.	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/authorize	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/nativeclient	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/token	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/v2.0/authorize	—	2026-03-15
URL	https://login.microsoftonline.com/common/oauth2/v2.0/token	—	2026-03-15
URL	https://oauth.mail.ru/login	—	2026-03-15
URL	https://oauth.mail.ru/token	—	2026-03-15
URL	https://oauth.mail.ru/userinfo	—	2026-03-15
URL	https://outlook.office365.com/	—	2026-03-15
URL	https://outlook.office365.com/EWS.AccessAsUser.All	—	2026-03-15
URL	https://skymail.app/oauth.html	—	2026-03-15
URL	https://sugarmail.app	—	2026-03-15
URL	https://sugarmail.app/privacy.html	—	2026-03-15
URL	https://unsplash.com	—	2026-03-15
URL	https://ya.ru	—	2026-03-15
domain	foo.com	—	2026-03-15
domain	goo.gl	—	2026-03-15
domain	iy.bf	—	2026-03-15
domain	resizer.so	—	2026-03-15
domain	skymail.app	—	2026-03-15
domain	sugarmail.app	—	2026-03-15
domain	unsplash.com	—	2026-03-15
domain	ya.ru	—	2026-03-15
hostname	android.googlesource.com	—	2026-03-15
hostname	api.login.aol.com	—	2026-03-15
hostname	api.login.yahoo.com	—	2026-03-15
hostname	avatars.yandex.net	—	2026-03-15
hostname	login.microsoftonline.com	—	2026-03-15
hostname	oauth.mail.ru	—	2026-03-15
hostname	outlook.office365.com	—	2026-03-15
hostname	schemas.android.com	—	2026-03-15
hostname	schemas.xmlsoap.org	—	2026-03-15