In this session we will talk about the different approaches to mobile malware analysis and focus on some key areas that will help a newcomer to this field test the waters. We will highlight a few tools and techniques specific to certain approaches in an effort to give enthusiasts a starting point.
- Laptop capable of running a Virtual Machine
- Latest version of VirtualBox installed on the machine
- Administrator access to your machine with external USB allowed
- At least 25 GB free hard disk space + at least 8 GB RAM
- A list of tools and instructions
- Appropriate Java SDK and Runtime environment
- Basic familiarity with Linux
- Download the Santoku 0.5 VM from here
- It would be ideal to install the VM on the disk rather than using a live image during the session
- Please allocate a healthy hard disk size during VM creation, as the Android SDK and images take up a lot of space (~25 GB upwards would be optimal)
- Install guest tools to allow better screen resolution - https://www.dedoimedo.com/computers/virtualbox-guest-addons.html
- Ensure that the VM has internet connectivity (might be needed during the session)
- Download ClassyShark for Linux/Mac/Windows from here
- Download AXMLPrinter for Linux/Mac/Windows from here
- Download Jadx for Linux/Mac from here, Windows from here
- Download Dex2Jar from here
- Download and install APIMonitor from here
- Download Aapt command tool from here
- Create an account on https://www.virustotal.com for network investigation
- Create an account on https://www.genymotion.com for Android emulator
- We will be working with live malware
- By attending the session you acknowledge the risks associated with this environment
- We are not responsible for any damages/losses caused by malware during this session