teabot | 7d91d0923fcc9f4f672e2767a3024d27755bb5949d6e9926594c4fa2b1059168 | Triage

Sharing

General

Target

UPS974.apk
Size

2.6MB
Sample

210512-5jgegy5786
MD5

992a51cb63c965afe06247db64b3471c
SHA1

b3e8d4958d4c2979a940c70d054511cf009a5199
SHA256

7d91d0923fcc9f4f672e2767a3024d27755bb5949d6e9926594c4fa2b1059168
SHA512

b67c61bbfe10be9aa79cbf39847d1852758caf4e4d7678908e2504a4144de1840842f3f355a98f92d1697b3246978ac6ee159e96021b8f7468b8ab016c8afd2b

Score

10^/10

teabot android banker infostealer obfuscation trojan

Malware Config

Extracted

Family

teabot

AES_key

AES_key

AES_key

AES_key

AES_key

AES_key

AES_key

Targets

- Target
  
  UPS974.apk
- Size
  
  2.6MB
- MD5
  
  992a51cb63c965afe06247db64b3471c
- SHA1
  
  b3e8d4958d4c2979a940c70d054511cf009a5199
- SHA256
  
  7d91d0923fcc9f4f672e2767a3024d27755bb5949d6e9926594c4fa2b1059168
- SHA512
  
  b67c61bbfe10be9aa79cbf39847d1852758caf4e4d7678908e2504a4144de1840842f3f355a98f92d1697b3246978ac6ee159e96021b8f7468b8ab016c8afd2b
Score

10^/10

teabot banker infostealer obfuscation trojan
- TeaBot
  TeaBot is an android banker first seen in January 2021.
  banker trojan infostealer teabot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

teabotbankerinfostealerobfuscationtrojan