Analysis
max time kernel: 2s
max time network: 134s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 05-08-2024 07:22
Static task: static1
Behavioral task: behavioral1
Sample: 4bd4c8dcd3e42e5980e7f9d7adb9c33d.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 4bd4c8dcd3e42e5980e7f9d7adb9c33d.apk
Resource: android-x64-20240624-en
General
Target: 4bd4c8dcd3e42e5980e7f9d7adb9c33d.apk
Size: 2.9MB
MD5: 4bd4c8dcd3e42e5980e7f9d7adb9c33d
SHA1: 8b8365830acff08df8ecf52676b884acafe42994
SHA256: 5bc0916cf51f6deb1592f8e01e55433689f7049ec3016ab72c2f6e1775c57c30
SHA512: dc6542651816b3847ace57895c1194b85c41cc7b34eeafa35ee7fa7bca31a29cd64a659d83aeeb88bd59e75111ae49152e89baf81d0c3e061fd55c0bd24d8ade
SSDEEP: 49152:b/7FtLgEDYBNeyPqrxVHLio41fZwXHLs+M7PHxuSHc7YFXvOvnvjfZ9S0:D7wsaNJqfriP7A7MzHgSH+YBvOvvjD
Malware Config
Extracted
Family: ginp
2.8e
mp13
C2: http://wholepartyhere.top/
C2: http://insideluck.cc/
uri: api202
Signatures
Ginp
Ginp is an Android banking trojan first seen in mid 2019.
Loads dropped Dex/Jar (1 TTP, 2 IoCs)
Runs an executable file dropped to the device during analysis.
ioc | pid | process
/data/user/0/com.learn.habit/app_DynamicOptDex/FyC.json | 4471 | com.learn.habit
/data/user/0/com.learn.habit/app_DynamicOptDex/FyC.json | 4471 | com.learn.habit
Queries a list of all the installed applications on the device (may be used to select legitimate apps to overlay) (1 TTP)
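The "Loads dropped Dex/Jar" IoC above is a payload named FyC.json that the com.learn.habit process loads as code, so the extension of anything under app_DynamicOptDex/ says nothing about what it is. The following script is an added example, not part of the sandbox report or the sample: it types files by content (DEX magic plus the fixed header fields, optimized-DEX magic, ZIP/JAR magic), flags extension/content mismatches, and compares SHA-256 digests against the two Downloads hashes from this report. The directory layout and file bytes written by demo() are constructed stand-ins; the real FyC.json payload is not reproduced, and its digest is therefore not expected to match.

```python
"""Content-based triage of files dropped under app_DynamicOptDex/ (added example)."""
import hashlib
import struct
import tempfile
from pathlib import Path

# SHA-256 digests of the two downloads listed in the report's Downloads section.
REPORT_SHA256 = {
    "8b8e29450c71540c4b4a2f4a1c696a5c5f556fddd4430973dcde50ad835d6c7e",
    "6e5ca745b4abf260d3e77ff8d9ed0fa983787538fa3d4fbbf6c73680aa193692",
}
DEX_HEADER_SIZE = 0x70          # fixed header length in the DEX format
DEX_ENDIAN_TAG = 0x12345678     # little-endian constant at offset 0x28


def dex_header_ok(data: bytes) -> bool:
    """Check the fixed DEX header fields, not just the 8-byte magic."""
    if len(data) < DEX_HEADER_SIZE or not data.startswith(b"dex\n"):
        return False
    if data[7] != 0 or not data[4:7].isdigit():   # magic is b"dex\n0NN\0"
        return False
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 0x20)
    return (file_size == len(data) and header_size == DEX_HEADER_SIZE
            and endian_tag == DEX_ENDIAN_TAG)


def classify(data: bytes) -> str:
    """Content-derived type: dex, odex, zip (jar/apk), json or unknown."""
    if dex_header_ok(data):
        return "dex"
    if data.startswith(b"dey\n"):
        return "odex"
    if data.startswith(b"PK\x03\x04"):
        return "zip"
    if data.lstrip().startswith((b"{", b"[")):
        return "json"
    return "unknown"


# What the extension claims; used only to detect disguised payloads.
EXPECTED_BY_EXT = {".json": "json", ".dex": "dex", ".odex": "odex",
                   ".jar": "zip", ".apk": "zip", ".zip": "zip"}


def triage_file(path: Path) -> dict:
    data = path.read_bytes()
    kind = classify(data)
    digest = hashlib.sha256(data).hexdigest()
    expected = EXPECTED_BY_EXT.get(path.suffix.lower())
    return {
        "name": path.name,
        "type": kind,
        "mismatch": expected is not None and expected != kind,
        "loadable": kind in ("dex", "odex", "zip"),   # DexClassLoader-loadable
        "sha256": digest,
        "in_report": digest in REPORT_SHA256,
    }


def triage_dir(directory: Path) -> list[dict]:
    return [triage_file(p) for p in sorted(directory.iterdir()) if p.is_file()]


def build_fake_dex(total_size: int = 0x80) -> bytes:
    """Constructed stand-in: structurally valid DEX header, empty body."""
    hdr = bytearray(DEX_HEADER_SIZE)
    hdr[0:8] = b"dex\n035\0"
    struct.pack_into("<III", hdr, 0x20, total_size, DEX_HEADER_SIZE, DEX_ENDIAN_TAG)
    return bytes(hdr) + b"\0" * (total_size - DEX_HEADER_SIZE)


def demo() -> dict:
    """Recreate the report's app_DynamicOptDex layout with constructed files."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp) / "app_DynamicOptDex"
        d.mkdir()
        (d / "FyC.json").write_bytes(build_fake_dex())        # DEX named .json
        (d / "prefs.json").write_bytes(b'{"ok": true}')       # genuine JSON
        (d / "lib.jar").write_bytes(b"PK\x03\x04" + b"\0" * 28)  # ZIP container
        return {r["name"]: r for r in triage_dir(d)}


if __name__ == "__main__":
    for name, r in demo().items():
        flag = "MISMATCH" if r["mismatch"] else "ok"
        print(f"{name:12} {r['type']:7} {flag:8} loadable={r['loadable']} "
              f"in_report={r['in_report']} sha256={r['sha256'][:16]}...")
```

Pointing triage_dir() at a pulled copy of /data/user/0/com.learn.habit/app_DynamicOptDex/ reports every file whose content is loadable code regardless of its name; the header check matters because a bare "dex\n" magic is trivial to plant in a decoy, while a consistent file_size and header_size is what the runtime loader actually needs.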
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize: 249KB
MD5: 8af4989ef5a56d70ef425aa86af8725f
SHA1: c6322d3835a58308bd9103e38000d11eec69358b
SHA256: 8b8e29450c71540c4b4a2f4a1c696a5c5f556fddd4430973dcde50ad835d6c7e
SHA512: 945605f757a4bd8a4a10cb763c2dd5d2885b196e99e9999a2f5d044e4ab06f40f19616328657f886374dd53659c3ec7a9609d0dfab27052c6162def981112b81
-
Filesize: 249KB
MD5: 2b46cba304019f2ee51f154202c2501f
SHA1: 14700dfddb0457f6034f9b908474751f305d68df
SHA256: 6e5ca745b4abf260d3e77ff8d9ed0fa983787538fa3d4fbbf6c73680aa193692
SHA512: cf681dc74ca7b21cb47bc4265933e9e5a181578846692c689f7c0a4c9c8f73af44daeb90770d73fd4da37e6f3b336189ff82e59c08515209b8fb1f88130d77c8