Friday, 5 December 2014

Snippet : DeathRing Android Malware AES URL Decryption




In this blog post we'll be looking at a new piece of malware named DeathRing that was recently discovered by Lookout. The main focus of this post is to briefly describe the decryption process (through source code reconstruction) of the AES-encrypted base URL that the malware uses to communicate with the server.


Sunday, 28 September 2014

Android WipeLocker - Obey or be hacked





"Elite has hacked you.Obey or be hacked"

That's the message you will see in your inbox after this malware infects your device.

Malware Name: WipeLocker (?)
Operating System (OS): Android
SHA256: F75678B7E7FA2ED0F0D2999800F2A6A66C717EF76B33A7432F1CA3435B4831E0

Sunday, 22 June 2014

An introduction to gikdbg.art (aka Android Ollydbg) attaching Towelroot



gikdbg.art (Android Ollydbg)




This post will provide the following:
  • Introduction to gikdbg.art
  • Setup of the environment
  • Quick introduction on attaching the TowelRoot exploit (libexploit.so)

Thursday, 5 June 2014

Inside SimpLocker




Malware Name: Simplocker
Operating System (OS): Android
Credits to: ESET and Robert Lipovsky.


Thursday, 20 March 2014

Dex to Java decompiler (jadx)

Description from the site:
Command line and GUI tools for produce Java source code from Android Dex and Apk files
Note: jadx-gui now in experimental stage
A new decompiler that helps to translate dex files into human-readable Java code. At the current stage of development the exported results are impressive. In addition, it is fast and reliable. So check it out.

In addition, it comes with an experimental GUI. Testing it out with some dex files, it's stable for some fast malware analysis.

More info: