Open-source atomic malware analysis

Analyze another

Pinokio_7.2.6_arm64.deb

DEB
Verdict: BENIGN
SHA256: 2f1fc732e5e5c851c78f22defb928252cffcf4ca0418136ab253084716dfc292
AI Legitimate Pinokio Electron application
Mal-ecule
K(Mc)O₁₄(Al₇C₁₉As₂₇Ca₆Co₅Dy₁₄Er₈I₄La₂S₂₇Xe₉Eu₂P₃Pr)H₁₁(Cm₄₈Db₂₂Os₂₄Po₃₁Cr₉Ds₂F₂₈Hf₃MgTiU₄)Md₉(Pa₂₀Bi₈Bk₂He₃InLi₅Si₃)
Size 101.0 MB download
First seen 21 days ago
Analyzed 4 days ago
Ecosystem vendor
Source github.com

Objectives

hostile severity, 95% confident.
supply-chain/trojanized Node.js package targets credentials for HTTP exfiltration
hostile severity, 95% confident.
supply-chain/trojanized/app Node.js package targets credentials for HTTP exfiltration
suspicious severity, 100% confident.
anti-static/obfuscation Long unbroken alphanumeric line comment
suspicious severity, 97% confident.
collection/activity React __reactProps$ scraping
suspicious severity, 95% confident.
collection/clipboard Accesses system clipboard via pbpaste
suspicious severity, 94% confident.
command-and-control/backdoor/tasking JS execSync command call
suspicious severity, 94% confident.
impact/wipe QNX Node process kill loop

Micro-behaviors

Metadata

suspicious severity, 100% confident.
lang/encoded javascript code encoded in string

20 of 317 traits shown

Identity

SHA-256 2f1fc732e5e5c851c78f22defb928252cffcf4ca0418136ab253084716dfc292
Canonical SHA-256 000877d1b0f3d96fa96340eacd5e83109ed2166e0698a934c1ed2bd2a5d78e51
Filename Pinokio_7.2.6_arm64.deb
Package pinokio

Origin

Source forager
Feed pinokio
Ecosystem vendor
Domain pinokio.computer
URL https://github.com/pinokiocomputer/pinokio/releases/download/v7.2.6/Pinokio_7.2.6_arm64.deb

Timeline

First seen 29 May 2026 21:54 UTC
First analyzed 15 Jun 2026 00:01 UTC
Last analyzed 15 Jun 2026 08:39 UTC
Last updated 15 Jun 2026 08:39 UTC

Labeling

Label good
Label source forager
Traits version 061e3