On this page, I will post the abstract of each of my whitepapers and a link to the paper itself. The goal of these papers is to share information in an understandable manner whilst learning new techniques myself.
Malware is complex and relatively undocumented, since there is no profit to be made by documenting everything as if it were a software project. This paper is an introduction to the wonderful world of malware and explains the basic concepts. The reader does not necessarily need a technical background, although having one helps to fully understand the concepts.
By abusing the architecture of an antivirus suite, one can transport known malware onto a device by using a second device, with a different architecture, as the carrier. An extensive report, including code for a proof-of-concept, can be found in the paper.
Sophisticated Google Play BankBot Trojan campaigns
Co-authored a blog about Android banking trojans in the Google Play Store. The blog contains details about the active campaigns, their modus operandi and the specific bots involved.
Android Malware Analysis C52: Breaking two encryption layers
Android malware uses different techniques to evade antivirus detection. Static analysis revealed how this sample evaded virtual machines and defeated the matching of hardcoded strings by using Java Reflection and homebrew encryption. The paper can be downloaded here. An automated tool to decrypt the two encryption layers can be found in my GitHub repository.
Papers in the making
- Multi-Application Malware