Analyzing Android Malware Workshop

From HOPE Wiki

Analyzing Android Malware; from triage to reverse engineering workshop

This workshop will be given:
   Day 2: Saturday, 23-July, 7:00pm - 11:00pm, in Workshop B (D'Angelo 306)

NOTE: You do NOT need to register to take this workshop -- please show up early to ensure a seat at Workshop B (D'Angelo 306).


Android malware has become prevalent across the landscape. In this workshop Vitor Ventura will provide hands-on reverse engineering techniques for Android malware. This workshop is designed to provide the participants with different approaches to malware analysis, so that they can perform their own analysis without the use of automated tools. When everything else fails, knowing how the tools work under the hood provides the necessary knowledge to bypass the problems encountered. The attendees will learn, by doing it themselves, how to bypass the most common techniques used by malware to prevent analysis. The objective is that the attendees understand how they can use techniques like instrumentation and patching to help them analyze and bypass malware defenses when the automated tools fail, while using only free and open source tools.


Vitor Ventura

Full Description

This is a fully hands-on workshop: you will apply techniques to bypass the most common malware protection techniques, using Frida and static analysis.

Registration -- NOT required

You do not need to register in advance to take this workshop -- just show up early to ensure a seat.

Required Software

This is a hands-on workshop, so a VM was created to make it easier for people to participate.
The VM can be downloaded here:

If you downloaded it and want to play with it in advance, the password is: password
It is strongly advised to use VMware to run the VM; you can download VMware from their site.
VirtualBox may work, but it was not tested; use at your own risk.


Links - VM