Android/GinMaster.A is distributed in trojanized package application that has a malicious service that could root the device to gain admin privileges, install applications without user concern and post sensitive information.
Once the application is started the following URL is acceded, posting sensitive information (phone number, IMEI, Network type, device information, package application, android version):
Then a service is constantly acceding to this URL to receive commands.
Android/GinMaster.A creates a sqlite database to store the installed packages in the system and upload this information to a remote server.
Some trojanized Android.GinMaster packages includes the Exploit/Voldbrk to root the device and gain root privileges in order to install new packages silently and according to the C&C Server received parameters.