A friend of mine asked me help him to examine his Android 5.0 smartphone. He did not say what's wrong with his phone, and he just wonder why his wife know everything he chat on the phone, and where he has been.

I'd like to help him to figure out if anything wrong about his phone. When I start to monitor his phone, I find a very interesting stuff running on his phone. Obviously it try to pretend that it's Google Play App, actually it is not...Also I could see the destination ip and port...

I start to analye and figure out where it is. Yes that's it..a very suspicious package-"com.example.downloader"

Look at the Manifest and it's really scaring. It can read/write SMS, storage, contacts, calendar,locactions, process outgoing calls, even recording audio.

Guess what? It also could record chat messages including Naver Line, Facebook, What's App, Skype, and WeChat. No wonder his wife knows everything he chat on the phone. You could see the Naver Line chat messages recording on its own Database as below.

I told him what I found on his phone, and he was very angry. He swore to figure out what his wife has done to his phone and when she did this. I told hime that maybe she bought this App on the internet or her friend taught her to do so.  I think the reason why she did it maybe she's afraid that her husband does not love her anymore. If her husband has affair with other girls and she will know immediately.  Still it's illeagl and it's not a right thing to do to the one you love.

Android Malware Analysis的更多相关文章

  1. malware analysis、Sandbox Principles、Design && Implementation

    catalog . 引言 . sandbox introduction . Sandboxie . seccomp(short for secure computing mode): API级沙箱 . ...

  2. Deep Android Malware Detection小结

    题目:Deep Android Malware Detection 作者:Niall McLaughlin, Jesus Martinez del Rincon, BooJoong Kang 年份:2 ...

  3. cdmc2016数据挖掘竞赛题目Android Malware Classification

    http://www.csmining.org/cdmc2016/ Data Mining Tasks Description Task 1: 2016 e-News categorisation F ...

  4. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  5. Practical Malware Analysis里有关inetsim\APATEDNS

    以前从未接触过linux,碰到了许多问题,按步骤: 1\安装VMWARE,安装ubuntu16.04 问题1:之前装的是VM10,装完后没有安装VMTOOLS,我点安装 VMTOOLS,它弹出“简易安 ...

  6. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  7. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  8. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  9. APK自我保护方法

    标 题: [原创]APK自我保护方法 作 者: MindMac 时 间: 2013-12-28,21:41:15 链 接: http://bbs.pediy.com/showthread.php?t= ...

随机推荐

  1. mysql事务与mysql储存引擎

    事务概念及存储引擎 1.0 为何要事务? 先来看一个场景,银行转账汇款: 李彦宏和周鸿祎天天打架,现在让李彦宏给周鸿祎转款1000 元 设计如下表 account表 编号(id)用户名(user)金额 ...

  2. GC之一--GC 的算法分析、垃圾收集器、内存分配策略介绍

    一.概述 垃圾收集 Garbage Collection 通常被称为“GC”,它诞生于1960年 MIT 的 Lisp 语言,经过半个多世纪,目前已经十分成熟了. jvm 中,程序计数器.虚拟机栈.本 ...

  3. 高可用集群heartbeat全攻略

    heartbeat的概念   Linux-HA的全称是High-Availability Linux,它是一个开源项目,这个开源项目的目标是:通过社区开发者的共同努力,提供一个增强linux可靠性(r ...

  4. CentOS yum安装和配置MySQL(转载)

    From:http://www.cnblogs.com/xiaoluo501395377/archive/2013/04/07/3003278.html] 一.MySQL简介 说到数据库,我们大多想到 ...

  5. python 多线程抓取动态数据

    利用多线程动态抓取数据,网上也有不少教程,但发现过于繁杂,就不能精简再精简?! 不多解释,直接上代码,基本上还是很好懂的. #!/usr/bin/env python # coding=utf-8 i ...

  6. android Studio 快捷键(转载)

    http://www.cnblogs.com/ut2016-progam/p/5627142.html http://blog.csdn.net/shulianghan/article/details ...

  7. C++学习28 重载>>和<<(输入输出运算符)

    在C++中,系统已经对左移运算符“<<”和右移运算符“>>”分别进行了重载,使其能够用于输入输出,但是输入输出的处理对象只能是系统内建的数据类型.系统重载这两个运算符是以系统类 ...

  8. [Java] 将标准字符流写入到文件中(通过控制台写一个html程序,并保存)

    package test.stream; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.Fi ...

  9. photoshop CS 调整选择区域的大小

    网上看到说:矩形选框不能直接调整大小,如果你不想重新画一个可以利用转换路径,然后再调整.这是不对的,矩形选框是可以调整大小的,使用"变换选区"即可.   对应步骤截图如下: 1.画 ...

  10. C Primer Plus(第五版)5

    第5章 运算符,表达式和语句 5.1 循环简单 程序清单 5.1 显示了一个示例程序,该程序做了一点算术运算来计算穿 9 码鞋的脚用英寸表示的长度.为了增加你对循环的理解,程序的第一版演示了不使用循环 ...