Online attackers are paying increased attention to mobile devices. At the moment, the biggest mobile threat vector seems to take the form of trojan applications designed to run on a mobile phone and containing unwanted "features." If you come across a malicious program of that nature, how can you analyze it? This quick post notes several articles and tools that focus on examining the inner workings of Android mobile applications.
- Android DroidDream Uses Two Vulnerabilities by Axelle Apvrille provides an overview of the DroidDream trojaned Android application.
- Dissecting Android Malware by Donato Ferrante documents a brief analysis of an Android malware sample using baksmali.
- Android Reverse Engineering - A Kick Start by Dhanesh presents technical notes and screenshots for analyzing an Android program from Linux.
- How to Decompile / Reverse Engineer Android APK by Tarandeep Singh offers a description of several tools and a tutorial on using APKTool for reversing Android apps.
- androidAuditTools: Dynamic Android Analysis Tools by wuntee showcases the use of androidAuditTools to perform behavioral analysis of Android malware.
- Analyzing Android Malware by Christiaan Beek explains how to analyze VideoPlayer Android malware with the help of the JD-GUI decompiler.
- Disassembling DEX Files by Gabor Paller demonstrates the use of dexdump and dedexter disassemblers for Android.
- Examining the Recent Android Malware by Jon Larimer outlines a walk-through of an analysis of the DroidDream/RootCager sample using baksmali.
If you can recommend other free tools, references and tutorials for learning Android mobile malware analysis, please leave a comment.