Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/LaurieWired/ReverseEngineeringAndroidMalware

This contains notes and slides for my talk on Reverse Engineering Android Malware


![logo](images/logo.png)

---


# Reverse Engineering Android Malware 🤖

During this talk, I introduce the flow of malware analysis from the discovery to the reverse engineering phase. I show how to reverse engineer malicious Android applications and even look at a case study of the notorious SpyNote malware. Together we locate the malicious C2 server hidden inside of the Android application's resources.

## Bonus Challenge 🔍

⚠️ **Caution, this is real malware** ⚠️

Can you find the malicious C2 server inside this similar SpyNote sample?

- [MalwareBazaar File Profile](https://bazaar.abuse.ch/sample/5c01f7727c78dea9c89dccf92b01b4c45e69406e6462340779401497bf4d4589/)
- SHA256: 5c01f7727c78dea9c89dccf92b01b4c45e69406e6462340779401497bf4d4589

`Hint!` It may be encoded