General
Target: main.apk
Size: 1.2MB
Sample: 220506-hfrqhshch2
MD5: c8793b4d4b5bedec055b8226358ed00a
SHA1: 945feae70d7f65d36b30f97fe3ad5c995bc37bfc
SHA256: 767c218be4e7d2c99ee9c8b36128ac932d2dac0e3792ce638b804083f75e1096
SHA512: ee9bff8b99de34ef8e283bca0ff3acf74a02abe9bc24bcb48396d96f21871bc366dbdcce0912b2477286146ad1ff3dfcca549a6e3dfabc00b2a78efd6a4bbcdc
Static task: static1
Behavioral task: behavioral1
Sample: main.apk
Resource: android-x86-arm-20220310-en
Behavioral task: behavioral2
Sample: main.apk
Resource: android-x64-20220310-en
Behavioral task: behavioral3
Sample: main.apk
Resource: android-x64-arm64-20220310-en
Malware Config
Extracted
teabot
http://51.38.166.150:80/api/
http://62.182.81.71:80/api/
Targets
Target: main.apk
Score: 10/10
TeaBot Payload
Makes use of the framework's Accessibility service.
Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).
Acquires the wake lock.
Loads dropped Dex/Jar: Runs executable file dropped to the device during analysis.
Removes a system notification.