A friend of mine asked me to help him examine his Android 5.0 smartphone. He did not say what was wrong with his phone; he just wondered why his wife knew everything he chatted about on the phone, and where he had been.

I wanted to help him figure out whether anything was wrong with his phone. When I started to monitor his phone, I found something very interesting running on it. Obviously it tries to pretend that it's the Google Play app, but actually it is not... I could also see the destination IP and port...

I started to analyze it and figure out where it was. Yes, that's it: a very suspicious package, "com.example.downloader".

Look at the Manifest and it's really scary. It can read/write SMS, storage, contacts, calendar, and locations, process outgoing calls, and even record audio.
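A manifest check like the one described above can be scripted for triage. The following is an added example, not code from the original post: it assumes the manifest has already been decoded to text XML, the sample manifest is constructed, and the `threshold` cut-off and function names are illustrative assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Capability groups taken from the list in the post.
GROUPS = {
    "sms": {"READ_SMS", "WRITE_SMS", "RECEIVE_SMS", "SEND_SMS"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "contacts": {"READ_CONTACTS", "WRITE_CONTACTS"},
    "calendar": {"READ_CALENDAR", "WRITE_CALENDAR"},
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "calls": {"PROCESS_OUTGOING_CALLS"},
    "audio": {"RECORD_AUDIO"},
}

def requested_permissions(manifest_xml):
    # Return (package name, set of short android.permission.* names).
    root = ET.fromstring(manifest_xml)
    names = (n.get(ANDROID_NS + "name", "") for n in root.iter("uses-permission"))
    perms = {n[len(PREFIX):] for n in names if n.startswith(PREFIX)}
    return root.get("package"), perms

def triage(manifest_xml, threshold=5):
    # threshold is an assumed cut-off: how many capability groups one app
    # may request before it is flagged for manual review.
    package, perms = requested_permissions(manifest_xml)
    hits = {g: sorted(perms & want) for g, want in GROUPS.items() if perms & want}
    return {"package": package, "groups": hits, "suspicious": len(hits) >= threshold}

# Constructed sample manifest (not the real one from the phone).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.downloader">
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.WRITE_SMS"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_CALENDAR"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.PROCESS_OUTGOING_CALLS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    print(triage(SAMPLE_MANIFEST))
```

A flagged result is only a reason to look closer; legitimate apps can also request several of these groups.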

Guess what? It can also record chat messages, including Naver Line, Facebook, WhatsApp, Skype, and WeChat. No wonder his wife knows everything he chats about on the phone. You can see the Naver Line chat messages recorded in its own database as below.

I told him what I found on his phone, and he was very angry. He swore to figure out what his wife had done to his phone and when she did it. I told him that maybe she bought this app on the Internet or her friend taught her to do so. I think the reason she did it may be that she's afraid her husband does not love her anymore. If her husband has an affair with other girls, she will know immediately. Still, it's illegal, and it's not the right thing to do to the one you love.
