General

  • Target: f1625cee7ce79d2ee091fddf945521c71d2dd911af433ca428599fcd83fbf040.bin
  • Size: 2.2MB
  • Sample: 230815-1w1bpsdf93
  • MD5: eeac92bd85ce492fbd37f7c3e2f02631
  • SHA1: d762a88b8c5efa5652fe7c258d4dec44bdd8a03c
  • SHA256: f1625cee7ce79d2ee091fddf945521c71d2dd911af433ca428599fcd83fbf040
  • SHA512: d855e104536f4b41b71c36913198b3dcf10bd9eac3649784bb604333cd097ff471348a41f6f12a0a8c9d7eb005c33ccabfa1472e9de144b75731cfdeb4b96ab8
  • SSDEEP: 49152:b7GeiwVInbeuao9Off4/DuGPJ3ZfMu6SxO+zqlPAhu:b7Ti2uaf4/DueZku6EZDo

Malware Config

Extracted

  • Family: ginp
  • Version: 2.8d
  • Botnet: mp31
  • C2: http://pottershat.top/
  • C2: http://dopestteam.cc/
  • Attributes: uri = api201

Extracted

  • Family: ginp
  • C2: http://pottershat.top/api201/
  • C2: http://dopestteam.cc/api201/

Targets

    • Target: f1625cee7ce79d2ee091fddf945521c71d2dd911af433ca428599fcd83fbf040.bin
    • Size: 2.2MB
    • MD5, SHA1, SHA256, SHA512, SSDEEP: identical to the values in the General section above

    • Ginp: Ginp is an Android banking trojan first seen in mid-2019.
    • Makes use of the framework's Accessibility service.
    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Loads dropped Dex/Jar: runs an executable file dropped to the device during analysis.
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Target: chrome_100_percent.pak
    • Size: 512KB
    • MD5: 5370b5425d8817fbcd543b242ca7a841
    • SHA1: 13ec99e57ce41ce0be61f1b72b4f11a7e583771e
    • SHA256: 0b976be3962b1371a21a8ef94220259c58996f9c6770ca060f5be3bb7dd6a808
    • SHA512: 14722b2bdf25f7cea508219a05abe16719809520758f02b933c6a54022132e1c3aee000b8856e07a2648b577cf55af0146f346191dad942070706281a33fef12
    • SSDEEP: 6144:aNkOr0nHcSjalQEd0NvmdXWN1+ZJdt9E26QbG:aNx0kj6QbG
    • Score: 1/10

    • Target: libglog_init.so
    • Size: 30KB
    • MD5: 1d8773f1b7a3671230f2a79a962aa06d
    • SHA1: 17c3d9ef858f06a1e22c7ff396e319241cbc8648
    • SHA256: 7cca206115a144b902b25bf519c2cc870cf67f2abd120c853d4749983affb590
    • SHA512: 945ffd0ea125196dcb3af17b58daa04e169486a5d4c0fbfcd74cf65da814162d0eea12562107031516f53f56e13fe0abc131781cc4e18461308fc5a4934372ca
    • SSDEEP: 384:J3gF1A9CYfzwqba0GfYiB8V8pWH9XKdjANH45wyDTOuZrWxOgF9OLAy:qFC9ffzrO0cYiB+8uXIAq5wyDTZW4
    • Score: 1/10

    • Target: libjsinspector.so
    • Size: 46KB
    • MD5: 9c55291249e2e3dbf8752b0e8cc771b1
    • SHA1: 85f42b6129ed03623354508b63775b82093485cb
    • SHA256: 5e1390ea9785aa2e1d885ad8a1bc02aa2c813e314c1d7bf0ff05c8459eb228f0
    • SHA512: daba18bc73b45bcf8b25c2afa3282db88d7033214d79af15160fd5e46b6a8a39e8c0317f583c00df71dcd6219451e896d0d97cf4b57c068fb7864aa76e4ad437
    • SSDEEP: 768:TGKat6JF4q6o9GoYMCW8koTL1y0caiS984y4AI5wyDHMfkvgYjq+:TGKat8FxRCW8zL1y0clVS35wyDHM8I4h
    • Score: 1/10

    • Target: libvlcjni.so
    • Size: 41KB
    • MD5: 523b207f1b0f377a1ed05a0229c4d090
    • SHA1: f0ea160803c63c0510e0eaf92a5bfd9bdfdbf6e0
    • SHA256: 2180d3895940546131c170147ee3063111944701a359d4a762f52af2370a00ce
    • SHA512: b8a4cd07af245a6b035cfd3ecbb36e81ca400fcef3c075c4b49a608415f0112cc04f36b253806dacccfade3e385a1428481b59bdf5cbd7f271f49b45a673bc1f
    • SSDEEP: 384:y1llta+taDIjWELJm/5+IjEmmwtKGVtfapz5KyC+BNWN7LY4UTSu6MR71SrMU:y/3taDIjWELLkElHCa3Kl+PWN5Y15S3
    • Score: 1/10
