Analysis

  • max time kernel
    2147551s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    18-05-2021 15:01

General

  • Target

    fe216bb1e5a3d190b9cbbeb6fd38eeb2.bin.apk

  • Size

    2.2MB

  • MD5

    fe216bb1e5a3d190b9cbbeb6fd38eeb2

  • SHA1

    ef0403a732bc8eacde3274a6095b760aa01f0d9b

  • SHA256

    d0b3ade2417fb8f5971efccaf98bdc9e19b78d73b86b95f487835d650d851cca

  • SHA512

    7120b5f83ed3dca9543db41798c6e15fffcd424de97026c2a661061fd66c47267d1c6293c57668c9c82c2af14b78599a868a8e41d7070d61d194a2b21d7e9eec

Malware Config

Extracted

Family

ginp

C2

http://gunfirebob.top/api201/

http://jackblack.cc/api201/

Signatures

  • Ginp

    Ginp is an Android banking trojan first seen in mid-2019.

  • Loads dropped Dex/Jar (3 IoCs)

    Runs executable file dropped to the device during analysis.

  • Uses reflection (1 IoC)

Processes

  • title.wagon.inspire
    1⤵
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4641
    • title.wagon.inspire
      2⤵
        PID:4672
      • /system/bin/dex2oat
        2⤵
        • Loads dropped Dex/Jar
        PID:4672
