teabot | bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1 | Triage

Submit
Reports

Overview

overview

Static

static

6

bd0390766d...e1.apk

android-9-x86

bd0390766d...e1.apk

android-10-x64

bd0390766d...e1.apk

android-11-x64

Sharing

General

Target

bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1
Size

3.7MB
Sample

231224-c1wmbagaf3
MD5

12d484ec42fce57aef35ba1ee71b7956
SHA1

2a1400ed401aa5cace9609c32ebf8d168acd58ff
SHA256

bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1
SHA512

288e71fe7121b2b0fc51dae92932af984fb54eaf2b1bc6e8b071b28358cbc0c9c240fb32c01b2106614cce2ef0f617704318746917a87fbc13db1d47b7b827f4
SSDEEP

98304:b0vbtMkG1CR4Ud1/HOtIuHTqaSkF85jLD8cEv0P:b02D+exHJSy85jHEe

Score

10^/10

teabot android banker evasion infostealer stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1.apk

Resource

android-x86-arm-20231215-en

teabot banker evasion infostealer stealth trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1.apk

Resource

android-x64-20231215-en

teabot banker infostealer trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1.apk

Resource

android-x64-arm64-20231215-en

teabot banker evasion infostealer trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1
- Size
  
  3.7MB
- MD5
  
  12d484ec42fce57aef35ba1ee71b7956
- SHA1
  
  2a1400ed401aa5cace9609c32ebf8d168acd58ff
- SHA256
  
  bd0390766d997a2f74af7f563219bc53a095fd7cd7edda0143e86d1b218b13e1
- SHA512
  
  288e71fe7121b2b0fc51dae92932af984fb54eaf2b1bc6e8b071b28358cbc0c9c240fb32c01b2106614cce2ef0f617704318746917a87fbc13db1d47b7b827f4
- SSDEEP
  
  98304:b0vbtMkG1CR4Ud1/HOtIuHTqaSkF85jLD8cEv0P:b02D+exHJSy85jHEe
Score

10^/10

teabot banker evasion infostealer stealth trojan
- TeaBot
  TeaBot is an android banker first seen in January 2021.
  banker trojan infostealer teabot
- TeaBot payload
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Acquires the wake lock
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

teabotbankerevasioninfostealerstealthtrojan

behavioral2

teabotbankerinfostealertrojan

behavioral3

teabotbankerevasioninfostealertrojan

© 2018-2024

Terms | Privacy