Finding Potentially Malicious Android Code with Quark
In this video, we examine potentially malicious Android code with Quark!
Timestamps:
00:00 Intro
00:35 Grabbing Sample
01:35 Multiple Dex files?
03:00 Dealing with Lib Code
04:18 Getting Fooled
05:23 What to do
07:27 APKLab
09:35 Points of Interest
12:12 Cross Refs
15:20 Audio Recording Class
16:44 IMEI Number
17:50 Malicious Conclusion?
18:55 Recap
---
Software Links Mentioned in Video:
APKLab GitHub: https://github.com/APKLab/APKLab
VSCode: https://code.visualstudio.com/
Quark engine: https://github.com/quark-engine/quark-engine
Install:
pip3 install -U quark-engine
freshquark
---
Malware Examined in the video (Bahamut):
sha256:a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
MalwareBazaar Link:
https://bazaar.abuse.ch/sample/a71290070f826292c0ce907f21280e4 ...
Duration: 00:19:56
Views on YouTube: 1641
YouTube: https://www.youtube.com/watch?v=q1rftlZapMA