Resubmissions

14-08-2024 02:25

240814-cwdkyavejd 10

08-08-2024 10:50

240808-mxkqrawejh 10

21-01-2024 13:10

240121-qevpsadbfl 1

General

  • Target

    KrinkoOp.apk

  • Size

    5.4MB

  • MD5

    de099258fa67f1801cc3784160bc37dc

  • SHA1

    7e9e8f223a23e297d124550775ddbd47e5cb76d2

  • SHA256

    26f0a9ba3832d464e2b26ad4f30b0e431221fbb99081ec0c833fa00976446023

  • SHA512

    d381ff7dc95c15e613baf6a0a47f8b6f4bfe1ba97fe89b03e8302ddc8ea2972bd1eb020eaaba3bdc37cac1d577cbb5a9ebe665745e9e3ddc61cfc0749265efd4

  • SSDEEP

    98304:9Y9gedMDQEiR5VKUAgR3Vuf7ymmd6Lg922QxroTUe0t:29g6MRwQK3OwGg9LPT2t

Score
10/10

Malware Config

Signatures

  • Spynote family
  • Spynote payload (1 IoC)
  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (3 IoCs)
  • Requests dangerous framework permissions (3 IoCs)

Files

  • KrinkoOp.apk
    .apk android

    com.appd.instll.load

    com.appd.instll.splash


  • childapp.apk
    .apk android

    tim.hd.they

    tim.hd.ocgkzdhgqjkngltxytjduscgccbojfwjsumtmubqizeqekyodb2.MainActivity


Android Permissions

KrinkoOp.apk

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES