Coming up in this blog post: dissecting a malicious version of Flappy Bird reveals a premium rate SMS message sent without the user being aware.

I'm at a point with the project where I'm diverging away from the honeypot for a moment to look at other sources of malware. I'm keen to see how Android malware is put together and how to reverse engineer it to see what's going on under the hood. So in this blog post I'll be focusing on how to dissect one of the malicious versions of Flappy Bird.

Flappy Bird

First, a brief introduction and background on what Flappy Bird is.

Flappy Bird is a game created by Vietnamese developer Dong Nguyen and published by indie game producer .GEARS Studios.

Dong Nguyen released the game on 24th May 2013 and it suddenly became popular in early 2014. It's reported that the game was earning $50,000 per day from adverts which were displayed within the game (see Indie smash hit 'Flappy Bird' racks up $50K per day in ad revenue).

Creator Dong removed the game from Apple and Google on the 10th February 2014 after feeling guilty because the game was too addictive (see Flappy Bird taken down: App creator removes addictive smartphone hit from app store).

20th March 2014 UPDATE: Dong has recently said that he'll be bringing Flappy Bird back soon (see Flappy Bird to return, says creator Dong Nguyen).

Having been removed from both Apple's App Store and Google Play, various malicious versions of the app started to appear online to fill the gap (see Trend Micro's Trojanized Flappy Bird Comes on the Heels of Takedown by App Creator).

So it's one of these malicious versions of Flappy Bird that I'll be dissecting in this blog post.

The MD5 sum of the APK file I'll be dissecting is displayed above. The MD5 sum (Wikipedia: md5sum) of a file acts as a digital fingerprint so we can quickly identify a file. See also: What All This MD5 Hash Stuff Actually Means.

The tools I'll be using for this dissection are:

- DroidBox - a dynamic analysis tool that shows us what an app is doing (i.e. files/websites accessed etc) when it's running
- Android Emulator (included in the Android SDK) - used to run the APK file.
- dex2jar - a set of tools that reads Dalvik Executable (.dex/.odex) files and outputs.
- JD-GUI graphical utility that displays Java source codes of.

This dissection is broken down into two parts:

During the dynamic analysis phase we'll let the app run in an emulated environment to see what files and websites it accesses. This will be key to determining what we're looking for in the static analysis phase.

During the static analysis phase we'll be reverse engineering the APK file to produce the Java source code. This should allow us to see what sort of methods and code are being used to piece the app together - and more importantly: where the malicious activity occurs.

The main tool I'll be using for dynamic analysis is DroidBox. DroidBox state that their software's only been tested on Linux and Mac OS. I ran the entire dissection on Linux Ubuntu without any major issues. Follow the instructions below to get DroidBox running on your machine.
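Before any tooling is set up, the MD5 fingerprint and a first static look can be taken straight from the APK, since an APK is a ZIP archive. The sketch below is an added example, not code from the original post; it goes beyond the post's MD5 by also computing SHA-256, and the SMS permission names it searches for are standard Android permission strings chosen here as an assumption, with a constructed stand-in file instead of the real sample.

```python
import hashlib
import zipfile

# Permissions worth flagging given the behaviour the post describes
# (premium-rate SMS sent without the user being aware). Assumed list.
SMS_PERMISSIONS = (
    "android.permission.SEND_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
)

def fingerprint(path, chunk_size=1 << 20):
    """Stream the file once and return its MD5 and SHA-256 hex digests."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha256": sha256.hexdigest()}

def triage_apk(path):
    """Fingerprint an APK and take a first static look without running it."""
    report = fingerprint(path)
    with zipfile.ZipFile(path) as apk:  # an APK is a ZIP archive
        names = apk.namelist()
        report["dex_files"] = sorted(n for n in names if n.endswith(".dex"))
        manifest = apk.read("AndroidManifest.xml") if "AndroidManifest.xml" in names else b""
    # The compiled manifest is binary XML; its string pool holds names as
    # UTF-16LE or UTF-8, so search for both encodings (heuristic, not a parser).
    report["sms_permissions"] = [
        p for p in SMS_PERMISSIONS
        if p.encode("utf-16-le") in manifest or p.encode("utf-8") in manifest
    ]
    return report

def build_sample_apk(path):
    """Write a CONSTRUCTED stand-in APK (not real malware) for the demo."""
    manifest = b"\x03\x00\x08\x00" + "android.permission.SEND_SMS".encode("utf-16-le")
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("AndroidManifest.xml", manifest)
        z.writestr("classes.dex", b"dex\n035\x00")

if __name__ == "__main__":
    import os, tempfile
    sample = os.path.join(tempfile.mkdtemp(), "sample.apk")
    build_sample_apk(sample)
    for key, value in triage_apk(sample).items():
        print(f"{key}: {value}")
```

A hit in `sms_permissions` only says the permission is requested; where and how it is used is what the dynamic and static phases establish.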