Sometimes those techniques can be virtual machine detection, emulator detection, self certificate checking, pipes detection. For those situations on where the malware has anti-analysis routines, Droidefense attemps to bypass them in order to get to the code and ‘bad boy’ routine. It was built focused on security issues and tricks that malware researcher have on they every day work. Denial of Service: event notification deactivation, file deletion, process killing, virtual keyboard disable, terminal shutdown/reboot…Įnter your Email address to receive notifications | Join over Million Followers.Arbitrary code execution: native code using JNI, UNIX command, privilege escalation….PIM data modification: add/delete contacts, calendar events….External memory operations: file access on SD card….PIM data leakage: contacts, calendar, SMS, mails, clipboard….
Remote connection establishment: socket open call, Bluetooth pairing, APN settings edit….Audio/video flow interception: call recording, video capture….Telephony services abuse: premium SMS sending, phone call composition….Connection interfaces information exfiltration: WiFi credentials, Bluetooth MAC adress….Geolocation information leakage: GPS/WiFi geolocation….Device settings exfiltration: software version, usage statistics, system settings, logs….Telephony identifiers exfiltration: IMEI, IMSI, MCC, MNC, LAC, CID, operator’s name….Structural and data flow analysis of the bytecode targeting different malicious behaviours categories
#Http toolkit android android#
To detect and warn the user about potential malicious behaviours developped by an Android application. Static code analyzer for malicious Android applications
0 kommentar(er)
