Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    3598255s
  • max time network
    145s
  • platform
    android_x86_64
  • resource
    android-x86_64
  • submitted
    15-04-2021 16:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    454157fddcd4c4d414d20be52c57b9eb900dee819f426a3a101e3bc4e4aba8e1.apk

  • Size

    3.0MB

  • MD5

    0ee55f288a1f8f9995e2d3c839c43ba4

  • SHA1

    7efafdf39a3c0b07f5b10b21f313cf07ccf599a5

  • SHA256

    454157fddcd4c4d414d20be52c57b9eb900dee819f426a3a101e3bc4e4aba8e1

  • SHA512

    29b41ffb38a9d25fcaca1d237c92a01533c57c24deef74dbbbbce671f710f53ea6211002f5b5390a73abb3cf5a031d8237bf8d8dec40c7974cda900e29c111be

Score
10/10
ginpbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

ginp

C2

http://coldcoolcoco.top/api201/

http://jackblack.cc/api201/

http://sweetseventeen.top/api201/

Signatures

  • Ginp

    Ginp is an android banking trojan first seen in mid 2019.

    bankertrojaninfostealerginp
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 27 IoCs
    obfuscation

Processes

  • crop.dumb.nut
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3614

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads