Learning Android Malware Analysis
56mIntermediate2019-10-25
Authors

Kristina Balaam
Security Intelligence Engineer at Lookout
Course details
In response to the exponential growth of mobile device use, malicious apps have increased. Yet the industry is lacking professionals capable of identifying and combating these threats. Adding malware analysis to your skill set can help set you apart to employers and clients—and help you keep your users and organization safe. Security intelligence engineer Kristina Balaam introduces the basic tools and techniques needed to detect and dissect malicious Android apps. Learn how to set up your analysis lab, with tools like APKTool, Dex2Jar, and JD-Project, and find malicious apps to deconstruct. Kristina shows how to search the codebase for indicators of malicious activity, and provides a challenge and solution set that allows you to practice your new skills.
Learning objectives
Installing the analysis tools on Mac and Windows
Viewing app resources
Decompiling applications
Analyzing permissions
Spyware types
Exfiltrated data, C2 servers, and strings
Learning objectives
Installing the analysis tools on Mac and Windows
Viewing app resources
Decompiling applications
Analyzing permissions
Spyware types
Exfiltrated data, C2 servers, and strings
Skills covered
Android DevelopmentAndroidMobile DevelopmentIncident ResponseGoogleCybersecurityLearning
Concepts
0. Introduction
- 01 - Analyzing malicious Android applications
- 02 - What you should know
1. Setting Up a Malware Analysis Lab
- 03 - An overview of common analysis tools
- 04 - Installing reverse-engineering tools - Mac
- 05 - Installing reverse-engineering tools - PC
- 06 - Finding malicious mobile applications
2. Decompiling Android Applications
- 07 - What makes an Android application
- 08 - The manifest, classes, and resource files
- 09 - Viewing app resources with APKTool
- 10 - Decompiling the application
3. Hunting for Malicious Activity
- 11 - Permissions, permissions, permissions
- 12 - What are spyware applications
- 13 - Common malicious functionality
- 14 - Exfiltrated data, C2 servers, and strings
- 15 - Challenge - StealthMango
- 16 - Solution - StealthMango
Conclusion
- 17 - Next steps
Related courses
- Writing Secure Code for Android by Infosec
- Complete Guide to Android Development with Kotlin for Beginners
- Building Native Mobile Apps with NativeScript and Angular 2
- Building Flexible Android Apps with the Fragments API with Java
- Android Development Essential Training: Your First App with Kotlin
- Programming for Non-Programmers: Android & Kotlin
- Learning App Store Optimization for iOS and Android Apps
- Learning Mobile Device Security
Related learn paths
- Become an Ethical Hacker
- Succeed as a Remote IT Administrator
- Prepare for the Google Associate Android Developer Certification
- Become an Android Mobile App Developer
- Getting Started as a Java Developer
- Advance Your JavaScript Skills
- Succeed as a Remote Software Developer
- Develop Your Skills in Agile Software Development