Analysis

  • max time kernel
    1533893s
  • max time network
    160s
  • platform
    android_x86_64
  • resource
    android-x86_64
  • submitted
    11-05-2021 12:33

General

  • Target

    app_mal.apk

  • Size

    3.6MB

  • MD5

    b694ba8bf9c8d2b9cfde8c20c76c4716

  • SHA1

    1efda35ec2906e532c11f1be0bb55b88ea787b2d

  • SHA256

    89e5746d0903777ef68582733c777b9ee53c42dc4d64187398e1131cccfc0599

  • SHA512

    24c9c11923649be6b818c24523095710d366bb55c2d12ae75579d8dbc54ee12e2cd7ebf87ba89632c3ba9f86ba85fc1ea8db7da20e920ceb19d589c42e582ffa

Malware Config

Extracted

Family

teabot

C2

http://185.215.113.31:80/api/

http://178.32.130.170:80/api/

Signatures

  • TeaBot

    TeaBot is an Android banker first seen in January 2021.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 28 IoCs

Processes

  • trouble.canyon.van
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3606
