Tag Archives: Android

Extracting C&C from Android Malware

Even though AndroRat (http://www.symantec.com/connect/blogs/remote-access-tool-takes-aim-android-apk-binder) has been around for eons and its source code was made available (https://github.com/DesignativeDave/androrat), many new ones are popping up every day. Today I will go through how we can make Profiler work …

Posted in DEX, Profiler

An analysis module for Android: announcing the Forensic Edition

We’re happy to announce the beginning of our work on a forensic-oriented edition of Cerbero Profiler. This edition will contain extensions written on top of the standard edition, which are intended to help forensic analysis of supported platforms. Let’s …

Posted in Advanced, Profiler

Android Binary XML support

The upcoming version 0.9.4 of the Profiler adds support for Android’s binary XML format (such as that used by AndroidManifest.xml). Let’s take the sample output of the aapt tool in the Android SDK: N: android=http://schemas.android.com/apk/res/android E: manifest (line=22) A: package="com.example.android.notepad" …

Posted in AXML, Profiler

DEX support

Support for Android’s DEX format is the last major feature of the upcoming 0.9.0 release of the Profiler. The support includes format, layout ranges and a Dalvik disassembler. Support for APK is implicit, since support for Zip archives has been …

Posted in DEX