hxxps://url6[.]mailanyone[.]net/scanner?m=1s9UFM-000CiC-67&d=4%7Cmail%2F90%2F1716316200%2F1s9UFM-000CiC-67%7Cin6e%7C57e1b682%7C26023477%7C10839452%7C664CE828D09A29E749862A491AAAC3E1&o=%2Fphta%3A%2Fptspbinrllytaonozz[.]c[.]oeigc%2Fa&s=IY823YGYdPj0VexD71Fh81X9-uM | Triage

Sharing

General

Target

https://url6.mailanyone.net/scanner?m=1s9UFM-000CiC-67&d=4%7Cmail%2F90%2F1716316200%2F1s9UFM-000CiC-67%7Cin6e%7C57e1b682%7C26023477%7C10839452%7C664CE828D09A29E749862A491AAAC3E1&o=%2Fphta%3A%2Fptspbinrllytaonozz.c.oeigc%2Fa&s=IY823YGYdPj0VexD71Fh81X9-uM
Sample

240521-x56cjaga6w

Score

7^/10

android collection discovery evasion

Malware Config

Targets

- Target
  
  https://url6.mailanyone.net/scanner?m=1s9UFM-000CiC-67&d=4%7Cmail%2F90%2F1716316200%2F1s9UFM-000CiC-67%7Cin6e%7C57e1b682%7C26023477%7C10839452%7C664CE828D09A29E749862A491AAAC3E1&o=%2Fphta%3A%2Fptspbinrllytaonozz.c.oeigc%2Fa&s=IY823YGYdPj0VexD71Fh81X9-uM
Score

7^/10

collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Reads the content of photos stored on the user's device.
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

behavioral2

collectiondiscoveryevasion