Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    3571926s
  • max time network
    154s
  • platform
    android_x86_64
  • resource
    android-x86_64_arm64
  • submitted
    15-04-2021 09:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    52c2da2cc813574c7176cfff0e7ccbf401f61513dbc2776bca777b6791df3ef7.apk

  • Size

    2.8MB

  • MD5

    6a597e946bf59285266dca0bbba324e1

  • SHA1

    cc5f13a8c4184a408ac4a0394e2b0fb9b84f43c4

  • SHA256

    52c2da2cc813574c7176cfff0e7ccbf401f61513dbc2776bca777b6791df3ef7

  • SHA512

    1cdd09dbe12cad0a69d2da571f56c62b0821a82c2b12c8b47d3bc6c1ccebbe8cd645c08a6e3bb3576feb2600e5aac8b58d3222a9bc215c3ab29a3d6bbbd18940

Score
10/10
ginpbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

ginp

C2

http://goldenbullet.top/api201/

http://purefoe.cc/api201/

Signatures

  • Ginp

    Ginp is an android banking trojan first seen in mid 2019.

    bankertrojaninfostealerginp
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 27 IoCs
    obfuscation

Processes

  • glove.salt.prison
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4405

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads