Android Malware Analysis
A friend of mine asked me to help him examine his Android 5.0 smartphone. He did not say what was wrong with his phone; he just wondered why his wife knew everything he chatted about on the phone, and where he had been.
I wanted to help him figure out whether anything was wrong with his phone. When I started to monitor his phone, I found something very interesting running on it. It was obviously trying to pretend to be the Google Play app, but it was not... I could also see the destination IP and port...
I started to analyze it and figure out where it was. Yes, that's it: a very suspicious package, "com.example.downloader".
Look at the manifest and it's really scary. It can read/write SMS, storage, contacts, calendar, and locations, process outgoing calls, and even record audio.
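The manifest check described above can be scripted for triage. This is an added example, not code from the original post: it parses a decoded AndroidManifest.xml, groups the requested permissions into the capabilities listed above, and flags a Play-branded label on a package that is not the real Play Store. The sample manifest, the literal label, the `triage_manifest` name and the threshold of four groups are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
PLAY_STORE_PACKAGE = "com.android.vending"  # package name of the genuine Play Store

# Capabilities listed in the post, mapped to Android permission names.
GROUPS = {
    "sms": {"READ_SMS", "WRITE_SMS", "RECEIVE_SMS", "SEND_SMS"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "contacts": {"READ_CONTACTS", "WRITE_CONTACTS"},
    "calendar": {"READ_CALENDAR", "WRITE_CALENDAR"},
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "outgoing_calls": {"PROCESS_OUTGOING_CALLS"},
    "audio": {"RECORD_AUDIO"},
}

# Constructed sample, NOT the manifest from the analysed phone. Only the package
# name comes from the post; the literal label is an assumption (real manifests
# often use "@string/..." references that must be resolved from resources).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.downloader">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_CALENDAR"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.PROCESS_OUTGOING_CALLS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <application android:label="Google Play"/>
</manifest>
""".strip()

def triage_manifest(xml_text, threshold=4):
    """Flag manifests that combine many surveillance-capable permission groups."""
    root = ET.fromstring(xml_text)
    package = root.get("package", "")
    requested = {el.get(ANDROID + "name", "").rsplit(".", 1)[-1]
                 for el in root.iter("uses-permission")}
    groups = sorted(g for g, perms in GROUPS.items() if perms & requested)
    app = root.find("application")
    label = app.get(ANDROID + "label", "") if app is not None else ""
    # A Play-branded label on any other package is a masquerade indicator.
    masquerade = "google play" in label.lower() and package != PLAY_STORE_PACKAGE
    return {"package": package, "groups": groups, "masquerades_as_play": masquerade,
            "suspicious": masquerade or len(groups) >= threshold}

if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST))
```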
Guess what? It could also record chat messages, including Naver Line, Facebook, WhatsApp, Skype, and WeChat. No wonder his wife knows everything he chats about on the phone. You can see the Naver Line chat messages recorded in its own database, as below.
I told him what I found on his phone, and he was very angry. He swore to figure out what his wife had done to his phone and when she did it. I told him that maybe she bought this app on the internet or a friend taught her how to do it. I think the reason she did it may be that she is afraid her husband does not love her anymore. If her husband has an affair with other girls, she will know immediately. Still, it's illegal, and it's not the right thing to do to the one you love.