teabot | e8dc3622a9cc73faac2fb2837f197a4e25504f09fe399be7ef3cb9c51ed4b64f | Triage

Submit
Reports

Overview

overview

Static

static

8

Android APK

android_x64

Sharing

General

Target

Voicemail30.apk
Size

4.4MB
Sample

210722-eqce1q1y5a
MD5

fc3000b5ab71b6e4ba11008952f50c89
SHA1

475494b15530e53e09dafc548a2de1009aec8358
SHA256

e8dc3622a9cc73faac2fb2837f197a4e25504f09fe399be7ef3cb9c51ed4b64f
SHA512

79ef9967a8a38d0635dd9b2f663a35d012a1611eba0d02b4df0623225bd475427a95dd87f5d8bab33b8fb7d27717df8585a406e4d24de7165d3d3f5d4c0383cd

Score

10^/10

teabot android banker infostealer obfuscation trojan

Static task

static1

Behavioral task

behavioral1

Sample

Voicemail30.apk

Resource

android-x64

teabot banker infostealer obfuscation trojan

android_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

teabot

C2

http://178.32.130.175:84/api/

Targets

- Target
  
  Voicemail30.apk
- Size
  
  4.4MB
- MD5
  
  fc3000b5ab71b6e4ba11008952f50c89
- SHA1
  
  475494b15530e53e09dafc548a2de1009aec8358
- SHA256
  
  e8dc3622a9cc73faac2fb2837f197a4e25504f09fe399be7ef3cb9c51ed4b64f
- SHA512
  
  79ef9967a8a38d0635dd9b2f663a35d012a1611eba0d02b4df0623225bd475427a95dd87f5d8bab33b8fb7d27717df8585a406e4d24de7165d3d3f5d4c0383cd
Score

10^/10

teabot banker infostealer obfuscation trojan
- TeaBot
  TeaBot is an android banker first seen in January 2021.
  banker trojan infostealer teabot
- TeaBot Payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

teabotbankerinfostealerobfuscationtrojan

© 2018-2024

Terms | Privacy