N Ways to Unpack Mobile Malware – Pentest Blog
Tags
| cmtmf-attack-pattern: | Native Code |
| country: | Turkey |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Hooking - T1617 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Hooking - T1179 Hooking |
Common Information
| Type | Value |
|---|---|
| UUID | defb18f9-26d7-4b6a-8237-9c9f76708a79 |
| Fingerprint | 3f2499132ca50e8d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 13, 2019, 10:49 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | N Ways to Unpack Mobile Malware |
| Title | N Ways to Unpack Mobile Malware – Pentest Blog |
| Detected Hints/Tags/Attributes | 59/4/44 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://pentest.blog/n-ways-to-unpack-mobile-malware/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 138 | java.io |
|
| Details | Domain | 60 | java.net |
|
| Details | Domain | 53 | developer.android.com |
|
| Details | Domain | 144 | www.fortinet.com |
|
| Details | Domain | 1 | dedex.py |
|
| Details | Domain | 6 | sysopfb.github.io |
|
| Details | Domain | 3 | codeshare.frida.re |
|
| Details | Domain | 434 | medium.com |
|
| Details | File | 20 | dalvik.sys |
|
| Details | File | 364 | console.log |
|
| Details | File | 34 | net.url |
|
| Details | File | 26 | lang.obj |
|
| Details | File | 1 | class.tar |
|
| Details | File | 6 | this.tar |
|
| Details | File | 20 | thread.html |
|
| Details | File | 1 | dereflect.js |
|
| Details | File | 3 | s.inc |
|
| Details | File | 1 | defeating-an-android-packer-with-frida.html |
|
| Details | File | 1 | cbunlkwsqtz-dfb5a000-e0080000.bin |
|
| Details | File | 1 | cbunlkwsqtz-maps.txt |
|
| Details | File | 1 | dedex.py |
|
| Details | File | 1 | unpacking-anubis-apk.html |
|
| Details | File | 1 | anubis_manual.py |
|
| Details | File | 1 | solve_chinese.py |
|
| Details | File | 1 | getc2_imp.py |
|
| Details | Github username | 7 | frida |
|
| Details | Github username | 1 | eybisi |
|
| Details | Github username | 1 | cybersaxostiger |
|
| Details | sha256 | 1 | 3c35f97b9000d55a2854c86eb201bd467702100a314486ff1dbee9774223bf0e |
|
| Details | sha256 | 1 | e01ed0befbc50eeedcde5b5c07bf8a51ab39c5b20ee6e1f5afe04e161d072f1d |
|
| Details | Url | 1 | https://github.com/frida/frida/releases. |
|
| Details | Url | 1 | https://developer.android.com/reference/java/lang/thread.html |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware/blob/master/dereflect.js |
|
| Details | Url | 1 | https://www.fortinet.com/blog/threat-research/defeating-an-android-packer-with-frida.html |
|
| Details | Url | 1 | https://github.com/cybersaxostiger/androiddump |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware/blob/master/dedex.py |
|
| Details | Url | 1 | https://sysopfb.github.io/malware,/reverse-engineering/2018/08/30/unpacking-anubis-apk.html |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware/blob/master/anubis_manual.py |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware/blob/master/solve_chinese.py |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware/blob/master/getc2_imp.py |
|
| Details | Url | 3 | https://codeshare.frida.re |
|
| Details | Url | 252 | https://medium.com |
|
| Details | Url | 1 | https://github.com/eybisi/nwaystounpackmobilemalware |