ginp | f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184 | Triage

Submit
Reports

Overview

overview

Static

static

Android APK

android_x86_64

Sharing

General

Target

f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184
Size

2.7MB
Sample

210319-abewf1vxbe
MD5

894c537df61c9e9390fac65486db464f
SHA1

b59c6320e0cb6c35f8626104fc0baf7a04bd87a8
SHA256

f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184
SHA512

6bcce45ddbd0d5b49cad214c9025cebc40e50f70f991bee71422f060e8a96cc63fa415f882e55b7de63e6d9b4f3ad550b54d6ee49860f31dac4c4f23fb1e2697

Score

10^/10

ginp android banker infostealer obfuscation stealth trojan

Static task

static1

Behavioral task

behavioral1

Sample

f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184.apk

Resource

android-x86_64

ginp banker infostealer obfuscation stealth trojan

android_x86_64

0 signatures

0 seconds

Malware Config

Extracted

Family

ginp

C2

http://fatgoose.top/api201/

http://purefoe.cc/api201/

http://nicemovement.top/api201/

Targets

- Target
  
  f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184
- Size
  
  2.7MB
- MD5
  
  894c537df61c9e9390fac65486db464f
- SHA1
  
  b59c6320e0cb6c35f8626104fc0baf7a04bd87a8
- SHA256
  
  f9e0fd26bdf1ef7a5cc255616368c8d0df6bb68e4d787e3bc1cee1b104f05184
- SHA512
  
  6bcce45ddbd0d5b49cad214c9025cebc40e50f70f991bee71422f060e8a96cc63fa415f882e55b7de63e6d9b4f3ad550b54d6ee49860f31dac4c4f23fb1e2697
Score

10^/10

ginp banker infostealer obfuscation stealth trojan
- Ginp
  Ginp is an android banking trojan first seen in mid 2019.
  banker trojan infostealer ginp
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ginpbankerinfostealerobfuscationstealthtrojan

© 2018-2024

Terms | Privacy