A friend of mine asked me help him to examine his Android 5.0 smartphone. He did not say what's wrong with his phone, and he just wonder why his wife know everything he chat on the phone, and where he has been.

I'd like to help him to figure out if anything wrong about his phone. When I start to monitor his phone, I find a very interesting stuff running on his phone. Obviously it try to pretend that it's Google Play App, actually it is not...Also I could see the destination ip and port...

I start to analye and figure out where it is. Yes that's it..a very suspicious package-"com.example.downloader"

Look at the Manifest and it's really scaring. It can read/write SMS, storage, contacts, calendar,locactions, process outgoing calls, even recording audio.

Guess what? It also could record chat messages including Naver Line, Facebook, What's App, Skype, and WeChat. No wonder his wife knows everything he chat on the phone. You could see the Naver Line chat messages recording on its own Database as below.

I told him what I found on his phone, and he was very angry. He swore to figure out what his wife has done to his phone and when she did this. I told hime that maybe she bought this App on the internet or her friend taught her to do so.  I think the reason why she did it maybe she's afraid that her husband does not love her anymore. If her husband has affair with other girls and she will know immediately.  Still it's illeagl and it's not a right thing to do to the one you love.

Android Malware Analysis的更多相关文章

  1. malware analysis、Sandbox Principles、Design && Implementation

    catalog . 引言 . sandbox introduction . Sandboxie . seccomp(short for secure computing mode): API级沙箱 . ...

  2. Deep Android Malware Detection小结

    题目:Deep Android Malware Detection 作者:Niall McLaughlin, Jesus Martinez del Rincon, BooJoong Kang 年份:2 ...

  3. cdmc2016数据挖掘竞赛题目Android Malware Classification

    http://www.csmining.org/cdmc2016/ Data Mining Tasks Description Task 1: 2016 e-News categorisation F ...

  4. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  5. Practical Malware Analysis里有关inetsim\APATEDNS

    以前从未接触过linux,碰到了许多问题,按步骤: 1\安装VMWARE,安装ubuntu16.04 问题1:之前装的是VM10,装完后没有安装VMTOOLS,我点安装 VMTOOLS,它弹出“简易安 ...

  6. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  7. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  8. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  9. APK自我保护方法

    标 题: [原创]APK自我保护方法 作 者: MindMac 时 间: 2013-12-28,21:41:15 链 接: http://bbs.pediy.com/showthread.php?t= ...

随机推荐

  1. python (3)简单语法:字符串(strip函数),数据类型

    一:字符串重复,索引,切片(字符串命令strip) 函数原型strip 声明:s为字符串,rm为要删除的字符序列 s.strip(rm)        删除s字符串中开头.结尾处,位于 rm删除序列的 ...

  2. protobuf使用说明

    1..proto文件为要生成.java文件的模板文件,其中包含名称空间.文件名等信息2.cmd中进入当前目录D:\JAVA\protoc-2.5.0-win323.运行 protoc.exe --ja ...

  3. c# as

    as:用于检查在兼容的引用类型之间执行某些类型的转换. Employee myEmployee = myObject as Employee; if (myEmployee != null) { } ...

  4. C++学习8 构造函数的参数初始化表

    构造函数是一种特殊的成员函数,在创建对象时自动执行,主要用来进行初始化工作,例如对 private 属性的成员变量赋值. 对成员变量的初始化,除了在构造函数的函数体中一一赋值,还可以采用参数初始化表. ...

  5. Regex 例

    密码复杂度:数字英文符号Regex r = new Regex("^(?:(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])|(?=.*[A-Z])(?=.*[a-z])(? ...

  6. 理论沉淀:隐马尔可夫模型(Hidden Markov Model, HMM)

    理论沉淀:隐马尔可夫模型(Hidden Markov Model, HMM) 参考链接:http://www.zhihu.com/question/20962240 参考链接:http://blog. ...

  7. EL表达式结合页面JSTL使用 迭代显示表格

    1.迭代显示表格 <%@ page isELIgnored="false"%><%@ taglib uri="/WEB-INF/struts-bean. ...

  8. 初探接口测试框架--python系列6

    点击标题下「蓝色微信名」可快速关注 坚持的是分享,搬运的是知识,图的是大家的进步,没有收费的培训,没有虚度的吹水,喜欢就关注.转发(免费帮助更多伙伴)等来交流,想了解的知识请留言,给你带来更多价值,是 ...

  9. 设置.Net多线程默认CultureInfo

    .net编码过程中,当我们新开一个线程时,其默认的CurrentCulture属性为当前系统的Culture,在软件的本地化没有完成的情况下,采用默认系统的文化编码方式,可能会导致软件在界面显示,数字 ...

  10. 关于static/const的作用

    这个简单的问题很少有人能回答完全.在C语言中,关键字static有三个明显的作用: 1)在函数体内,一个被声明为静态的变量在这一函数被调用过程中维持其值不变(该变量存放在静态变量区). 2) 在模块内 ...