Category Archives: DEX

Extracting C&C from Android Malware

Even though AndroRat (http://www.symantec.com/connect/blogs/remote-access-tool-takes-aim-android-apk-binder) has been around for eons and its source code was made available (https://github.com/DesignativeDave/androrat), there are many new ones popping up every day. Today I will walk you through how we can make Profiler work … Continue reading


BlueBox Android Challenge

Some weeks (? I don’t even remember the time frame) ago I was made aware by a friend of this challenge. Basically injection of Dalvik code through native code. I found some minutes this morning to look into it and … Continue reading


DEX support

Support for Android’s DEX format is the last major feature of the upcoming 0.9.0 release of the Profiler. The support includes format, layout ranges and a Dalvik disassembler. Support for APK is implicit, since support for Zip archives has been … Continue reading
