Overview

overview

10

Static

static

7

ca4f0b0b06...07.apk

android-9-x86

10

ca4f0b0b06...07.apk

android-10-x64

1

ca4f0b0b06...07.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca4f0b0b06f5858ea61f86a9aff8a2876fb066af61700bd3a6e3800886c5fc07.apk

  • Size

    15.7MB

  • Sample

    230629-qmk6baea2s

  • MD5

    a093a00891e314bace128c33ca0e02bc

  • SHA1

    b75da8bd5d5d43808152283fc471433110026a4c

  • SHA256

    ca4f0b0b06f5858ea61f86a9aff8a2876fb066af61700bd3a6e3800886c5fc07

  • SHA512

    4cee6a48584e5683b33431eae8c93e4e24b4de30700bb035bdffaba60a3c08b6f350827b8cdc08b6291017f57492424d08b9212ec26571561aec136df71b6cae

  • SSDEEP

    196608:YifGIDHg2XcxBT0lArHvVvY6bMAs0EuXrNADgw4MTEZxjqnDIF0ovjHmH5eqBvXL:Yiz7g/ZtrPe6bMAshu7CF4MT4F08Ghpb

Score
10/10
teabotandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

teabot

AES_key

Targets

    • Target

      ca4f0b0b06f5858ea61f86a9aff8a2876fb066af61700bd3a6e3800886c5fc07.apk

    • Size

      15.7MB

    • MD5

      a093a00891e314bace128c33ca0e02bc

    • SHA1

      b75da8bd5d5d43808152283fc471433110026a4c

    • SHA256

      ca4f0b0b06f5858ea61f86a9aff8a2876fb066af61700bd3a6e3800886c5fc07

    • SHA512

      4cee6a48584e5683b33431eae8c93e4e24b4de30700bb035bdffaba60a3c08b6f350827b8cdc08b6291017f57492424d08b9212ec26571561aec136df71b6cae

    • SSDEEP

      196608:YifGIDHg2XcxBT0lArHvVvY6bMAs0EuXrNADgw4MTEZxjqnDIF0ovjHmH5eqBvXL:Yiz7g/ZtrPe6bMAshu7CF4MT4F08Ghpb

    Score
    10/10
    teabotbankerevasioninfostealertrojan

    • TeaBot

      TeaBot is an android banker first seen in January 2021.

      bankertrojaninfostealerteabot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks