General

  • Target

    fe216bb1e5a3d190b9cbbeb6fd38eeb2.bin

  • Size

    2.2MB

  • Sample

    210518-kjclpch9zx

  • MD5

    fe216bb1e5a3d190b9cbbeb6fd38eeb2

  • SHA1

    ef0403a732bc8eacde3274a6095b760aa01f0d9b

  • SHA256

    d0b3ade2417fb8f5971efccaf98bdc9e19b78d73b86b95f487835d650d851cca

  • SHA512

    7120b5f83ed3dca9543db41798c6e15fffcd424de97026c2a661061fd66c47267d1c6293c57668c9c82c2af14b78599a868a8e41d7070d61d194a2b21d7e9eec

Malware Config

Extracted

Family

ginp

C2

http://gunfirebob.top/api201/

http://jackblack.cc/api201/

Targets

    • Target

      fe216bb1e5a3d190b9cbbeb6fd38eeb2.bin

    • Ginp

      Ginp is an Android banking trojan first seen in mid-2019.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
