Android Undercover: Native Code Translation for AV Stealth - DC615/DEF CON Nashville
This is a live recording of a talk I gave at DEFCON (DC615) Nashville. The presentation explores how translating Java code into Native code thwarts many AV detections.
First, I go over a live example of translating Android Java code into Native code, and we watch the changes in AV detections. Later in the presentation, I examine some techniques of how a reverse engineer could analyze a sample with native code.
If you would like to follow along, the slides, tools, and example code are hosted on my GitHub page here:
https://github.com/LaurieWired/AndroidNativeObfuscation_defcon615
Timestamps:
00:00 Introduction / Background
09:02 Anubis Java Code
16:08 Developing Native Cpp Code
19:57 Choosing the Method
22:30 Declaring a Native Method
24:40 Translating to Native
44:45 AV Dete ...
Duration: | 00:55:59 |
Views on YouTube: | 1945 |
Youtube: https://www.youtube.com/watch?v=UcdMx-te2NE