Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    1279920s
  • max time network
    158s
  • platform
    android_x86_64
  • resource
    android-x86_64_arm64
  • submitted
    19-03-2021 20:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cf7072af58c9f9b6659ff0399238b46bd5e00757d97f05ebb7aa5def9d7e8cf9.apk

  • Size

    2.7MB

  • MD5

    70631fb6b1230cdf37297cd4663ee3f7

  • SHA1

    b3afc81d7e6e0c76dd384ded11cb132948888bba

  • SHA256

    cf7072af58c9f9b6659ff0399238b46bd5e00757d97f05ebb7aa5def9d7e8cf9

  • SHA512

    e5a62f09e2eabf6ed788fe316377a992d766faaa8940eb22134e1fd3bf4b9cc2e6a96360cc62be6ea0bf95353e8115577e37a2183983805eb8d90fb1b6201316

Score
10/10
ginpbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

ginp

C2

http://fatgoose.top/api201/

http://purefoe.cc/api201/

Signatures

  • Ginp

    Ginp is an android banking trojan first seen in mid 2019.

    bankertrojaninfostealerginp
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 27 IoCs
    obfuscation

Processes

  • perfect.purpose.announce
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads