106
android Malware and analysis
settings and tools will be there. Additionally, the time to boot and
interact with the emulator is substantially quicker.
e next way to preserve the settings is to run the emulator within
a virtual machine, such as VMWare or Virtual Box. Next congure
the emulator to support your analysis and then save a snapshot with
the virtual machine software. is will ensure that each time you
revert to the snapshot the emulator is reverted as well.
An alternative way to support preservation is to overwrite your
default image le with your updated image. As shown earlier the
emulator uses the le userdata.img to create the default environment
you see when starting up for the rst time. Once running, the system
creates another le called userdata-qemu.img to hold user congura-
tion and information. Install your applications and make your con-
guration changes and close the emulator. is data will be preserved
in the userdata-gemu.img. Take this le and overwrite the userdata.img
le with this. To take advantage of this, when you start the emulator,
select the “wipe user data” option. is will open the updated userdata.
img and replace the userdata-qemu.img le with this data. Using this
method can be helpful backup in the event that the emulator snapshot
becomes corrupt or unusable.
Setting Up a Physical Device for Testing
Almost any Android device can be used for testing; it just takes a few
more steps to get it congured. But before getting into the congura-
tion of the device one note about procuring a physical device. Android
devices having o-brand names and cheap prices are not usually the
best choice for testing. Namely, they use inferior hardware and have
limited support. Additionally, they may have a modied version of
Android that can produce unexpected behaviors during testing. at
being said, once you have your device the rst thing to do is determine
what version of Android you have. To do this, nd and click Settings
and scroll down to the bottom to nd the About tablet and select it.
ere you will nd an entry for your Android version. Depending on
what version you have you will have to go through a couple steps to
get this congured.
If you are running Android prior to version 4 do the following: