Listen Top Shows Blog

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

Update: 2018-08-28

Share

Description

I will discuss each of the techniques the malware author used in order to prevent reverse engineering of their Android native library including manipulating the Java Native Interface, encryption, run-time environment checks, and more. This talk discusses not only the techniques the malware author implemented to prevent analysis, but also the steps and process for a reverse engineer to proceed through the anti-analysis traps.

By Maddie Stone

Full Abstract & Presentation Materials: https://www.blackhat.com/us-18/briefings/schedule/index.html#unpacking-the-packed-unpacker-reverse-engineering-an-android-anti-analysis-native-library-10795

Comments

In Channel

Black Hat USA 2019 Keynote: Every Security Team is a Software Team Now by Dino Dai Zovi

Black Hat USA 2019 Keynote: Every Security Team is a Software Team Now by Dino Dai Zovi

2019-08-2601:04:10

Preview: The Future of Securing Intelligent Electronic Devices Using IEC 62351- 7

Preview: The Future of Securing Intelligent Electronic Devices Using IEC 62351- 7

2019-07-2904:24

The Emerging Threat Landscape with Phil Montgomery, FireEye

The Emerging Threat Landscape with Phil Montgomery, FireEye

2019-07-2509:21

Driving Cyber Resiliency of IoT Devices with Active Management & Cyber Hygiene

Driving Cyber Resiliency of IoT Devices with Active Management & Cyber Hygiene

2019-05-2311:32

CQTools: The New Ultimate Hacking Toolkit

CQTools: The New Ultimate Hacking Toolkit

2019-05-0601:01:55

Your Guide to An Integrated Threat Intelligence Strategy

Your Guide to An Integrated Threat Intelligence Strategy

2019-04-2510:04

Black Hat Asia 2019 Keynote: The Next Arms Race

Black Hat Asia 2019 Keynote: The Next Arms Race

2019-04-2258:05

Open Sesame: Picking Locks with Cortana

Open Sesame: Picking Locks with Cortana

2019-02-0546:25

BLEEDINGBIT: Your APs Belong to Us

BLEEDINGBIT: Your APs Belong to Us

2018-12-1946:51

Attacking and Defending Blockchains: From Horror Stories to Secure Wallets

Attacking and Defending Blockchains: From Horror Stories to Secure Wallets

2018-12-1948:41

Under the SEA - A Look at the Syrian Electronic Army's Mobile Tooling

Under the SEA - A Look at the Syrian Electronic Army's Mobile Tooling

2018-12-1926:14

DeepPhish: Simulating Malicious AI

DeepPhish: Simulating Malicious AI

2018-12-1950:54

Black Hat Europe 2018 Keynote

Black Hat Europe 2018 Keynote

2018-12-1945:08

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

2018-08-2839:32

Practical Web Cache Poisoning: Redefining 'Unexploitable'

Practical Web Cache Poisoning: Redefining 'Unexploitable'

2018-08-2843:54

An Attacker Looks at Docker: Approaching Multi-Container Applications

An Attacker Looks at Docker: Approaching Multi-Container Applications

2018-08-2838:56

SirenJack: Cracking a 'Secure' Emergency Warning Siren System

SirenJack: Cracking a 'Secure' Emergency Warning Siren System

2018-08-2851:20

Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies

Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies

2018-08-2850:51

GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs

GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs

2018-08-2850:59

Fire & Ice: Making and Breaking macOS Firewalls

Fire & Ice: Making and Breaking macOS Firewalls

2018-08-2825:19

00:00

00:00

x

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

Black Hat