Friday, 5 December 2014

Snippet : DeathRing Android Malware AES URL Decryption

In this blog post we'll be looking at a new malware named DeathRing that discovered recently by Lookout. Main focus of this post will be to describe briefly the decryption process (through source code re-construction) of the AES encrypted base URL that malware uses to communicate with the server.

Sunday, 28 September 2014

Android WipeLocker - Obey or be hacked

"Elite has hacked you.Obey or be hacked"

That's the message that you will see after this malware infection,
in your Inbox.

Malware Name: WipeLocker (?)
Operating System (OS): Android
SHA256: F75678B7E7FA2ED0F0D2999800F2A6A66C717EF76B33A7432F1CA3435B4831E0

Sunday, 22 June 2014

An introduction to (aka Android Ollydbg) attaching Towelroot (Android Ollydbg)

This post will provide the following:
  • Introduction to
  • Setup of the environment
  • Quick introduction on attaching the TowelRoot exploit (

Thursday, 5 June 2014

Inside SimpLocker

Malware Name: Simplocker
Operating System (OS): Android
Credits to: ESET and Robert Lipovsky.

Thursday, 20 March 2014

Dex to Java decompiler (jadx)

Description from the site:
Command line and GUI tools for produce Java source code from Android Dex and Apk files
Note: jadx-gui now in experimental stage
A new decompiler that helps to translate dex files into a human readable Java code. In the current stage of development the exported results are impressive. In addition is fast and reliable. So check it out.

In addition it comes with an experimental gui. Testing it out with some dex files its stable for some fast malware analysis.

More info: