The easiest way to perform a malicious Android application analysis is to run it in a controlled environment. You already know how to run an emulator and install applications via ADB, so you may install a suspicious application in a clean virtual system and see what artefacts are left after you run it. For example, you can find SQLite databases with data collected by a malicious application or its configuration files.
Dynamic analysis of malicious Android applications 
by Rohit Tamma, Donnie Tindall, Oleg Skulkin
Learning Android Forensics - Second Edition
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Introducing Android Forensics
- Setting up the Android Forensic Environment
- Understanding Data Storage on Android Devices
- Extracting Data Logically from Android Devices
- Extracting Data Physically from Android Devices
- Recovering Deleted Data from an Android Device
- Forensic Analysis of Android Applications
- Application analysis overview
- Why do app analysis?
- Layout of this chapter
- Determining which apps are installed
- Understanding Unix epoch time
- Wi-Fi analysis
- Contacts/Call analysis
- SMS/MMS analysis
- User dictionary analysis
- Gmail analysis
- Google Chrome analysis
- Google Maps analysis
- Google Hangouts analysis
- Google Keep analysis
- Converting a Julian date
- Google Plus analysis
- Facebook analysis
- Facebook Messenger analysis
- Skype analysis
- Recovering video messages from Skype
- Snapchat analysis
- Viber analysis
- Tango analysis
- Decoding Tango messages
- WhatsApp analysis
- Kik analysis
- WeChat analysis
- Summary
- Android Forensic Tools Overview
- Identifying Android Malware
- Android Malware Analysis
- Other Books You May Enjoy
Dynamic analysis of malicious Android applications
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.