Finding Potentially Malicious Android Code with Quark

In this video, we examine potentially malicious android code with Quark! Timestamps: 00:00 Intro 00:35 Grabbing Sample 01:35 Multiple Dex files? 03:00 Dealing with Lib Code 04:18 Getting Fooled 05:23 What to do 07:27 APKLab 09:35 Points of Interest 12:12 Cross Refs 15:20 Audio Recording Class 16:44 IEMI Number 17:50 Malicious Conclusion? 18:55 Recap --- Software Links Mentioned in Video: APKLab Github: https://github.com/APKLab/APKLab VSCode: https://code.visualstudio.com/ Quark engine: https://github.com/quark-engine/quark-engine Install: pip3 install -U quark-engine freshquark --- Malware Examined in the video (Bahamut): sha256:a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b MalwareBazaar Link: https://bazaar.abuse.ch/sample/a71290070f826292c0ce907f21280e4 ...