Android Banker Deep Dive (Part 6)

1,767 views

LaurieWired

Part 6 of our Android Banker Deep Dive! In this video, we inspect multiple class entrypoints defined in the Manifest of the application to clean up and summarize their behavior.
---
In this [RE]laxing new series, I fully reverse a difficult Android Banker trojan from start to finish.
These extensive "Deep Dive" segments concentrate on dissecting malware specimens and delving into the individual approaches employed to fully reverse them. Throughout the journey, I attempt to provide explanations of my techniques as much as possible; however, if any ambiguities arise, please feel free to post a comment below.
Timestamps:
00:00 Intro
00:39 Begin Analysis
01:19 Naming Activities
03:23 JADX Decompilation Settings
05:11 Service Investigation
08:17 Decoding Strings
09:55 Cleaning up Classes
13:25 More String Decoding!
17:35 Receivers
18:27 More Activities and Classes
21:47 Fixing Nested Classes
25:47 Editing Shared Preferences
27:20 Recap
---
Software Links Mentioned in Video:
JADX: github.com/skylot/jadx
---
Malware Examined in the video (Banker/Anubis):
sha256:cae0c0d33e68be9cf81099680b815eb714d8296cb219b7a6247f7f081820f39a
---
laurieWIRED Twitter:
/ lauriewired
laurieWIRED Website:
lauriewired.com
laurieWIRED Github:
github.com/LaurieWired
laurieWIRED HN:
news.ycombinator.com/user?id=...
laurieWIRED Reddit:
/ lauriewired

Comments: 14
@randommoosebrains 9 months ago
Laurie on a roll with these videos
@Me.n_n 9 months ago
Great 👍 Laurie, keep going ^^
@chrisking7603 2 months ago
OK, it's evident that it scrapes user input and output and augments databases, but then what? The breadcrumbs to the perpetrators are the most interesting part.
@muxerous 9 months ago
Laurie can you make a series of videos about you smali for android app modifying?
@fredleckie5880 9 months ago
Huzzah!
@Spider0x00 7 months ago
I figured out that the "write" that you wanted to reach is actually writing the settings that you showed, not a second apk. Now I wonder, is that all?!!
@ethicalmath3963 9 months ago
LET’S FUCKING GOOOOO
@NTxC 9 months ago
15:13 Hate it too
@Heccintech 9 months ago
Have you considered making a discord
@noureddineziani9067 9 months ago
What is your end game, Laurie?
@nickiascerinschi206 2 months ago
Aaaaaand she gave up ...
@gvnsvn9294 9 months ago
Is this one of these channels where the guy is creating all the stuff or a team and they take a "pretty" face in the video to generate clicks? Anyways, it is good programming content.
@nbudzinski 9 months ago
Could you elaborate? It's clear she's the one interacting with the machine, so "the guy is creating all the stuff or a team" is sort of out of the question. Does she use some help to edit the content? Nothing wrong with that if she does, many creators do just that.
@gvnsvn9294 9 months ago
@nbudzinski If I stand in front of a painting and have a pen in my hand it doesn't mean that I painted it.