teabot | 4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196 | Triage

Submit
Reports

Overview

overview

Static

static

7

4067054f20...96.apk

android-9-x86

4067054f20...96.apk

android-10-x64

4067054f20...96.apk

android-11-x64

Sharing

General

Target

4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196.apk
Size

2.8MB
Sample

220907-f51cvagchm
MD5

4642c7a56039a82d8268282802c2fee9
SHA1

6210e111a2c5dfbdb5d2c04fda48f4ca3d08b630
SHA256

4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196
SHA512

85cf3f0ec3e0073a7228a5e8f15d6ff707b7e031c3f65340ca1f9a25b039dcbeeca0d019572706df33f4bc37b8d5dbe994c883cfbd1a460c91231f34517b2d30
SSDEEP

49152:DwgcICrG/hqSniYtN25YhcKWaCE5nduTMF5/9sIjZgKlN0q/uLSnls:crG/QQiYtEYhcKDC0ndWMP/9s8ZgyNlS

Score

10^/10

teabot android banker evasion infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196.apk

Resource

android-x86-arm-20220823-en

teabot banker evasion infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196.apk

Resource

android-x64-20220823-en

teabot banker infostealer trojan

android-10-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196.apk

Resource

android-x64-arm64-20220823-en

android-11-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196.apk
- Size
  
  2.8MB
- MD5
  
  4642c7a56039a82d8268282802c2fee9
- SHA1
  
  6210e111a2c5dfbdb5d2c04fda48f4ca3d08b630
- SHA256
  
  4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196
- SHA512
  
  85cf3f0ec3e0073a7228a5e8f15d6ff707b7e031c3f65340ca1f9a25b039dcbeeca0d019572706df33f4bc37b8d5dbe994c883cfbd1a460c91231f34517b2d30
- SSDEEP
  
  49152:DwgcICrG/hqSniYtN25YhcKWaCE5nduTMF5/9sIjZgKlN0q/uLSnls:crG/QQiYtEYhcKDC0ndWMP/9s8ZgyNlS
Score

10^/10

teabot banker evasion infostealer trojan
- TeaBot
  TeaBot is an android banker first seen in January 2021.
  banker trojan infostealer teabot
- TeaBot payload
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

teabotbankerevasioninfostealertrojan

behavioral2

teabotbankerinfostealertrojan

behavioral3

© 2018-2024

Terms | Privacy