
Reverse Engineering Of Malware On Android

Published: 12 Sep, 2011
Created by: Vibha Manjunath

Smartphones have been a vulnerable target for malware since June 2004. The number of infected applications steadily increased until certain security measures, such as application signing and validation of developers, were introduced. Android phones are one such class of smartphone that was, and continues to be, a prime target for hackers.

The main objective of this project is divided into two parts. First, the actual working of a piece of malware is scrutinized in order to understand its effects and functioning. Second, reverse engineering techniques are used to tweak the files and turn a legitimate application into malware.

The reverse engineering tools used are ApkTool, Dex2Jar, Notepad++, JD-GUI, etc. First, a malware sample is disassembled and its source code is scrutinized to find the malicious code. Second, a legitimate application is disassembled, its AndroidManifest.xml file is altered to add more permissions, and it is then repackaged. The altered application is then signed using a self-signed certificate and installed on the Android Emulator to test whether the changes are reflected.

In this project we also revisit the various existing malware, the architecture and security model of Android, the reverse engineering tools, and the ways of mitigating malware on Android devices.
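From the defender's side, the manifest change described above can be caught by comparing the decoded AndroidManifest.xml of a candidate build against a known-good copy. The following is an added example, not code from the paper; the function names, the package name and both sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attribute names in a decoded manifest are qualified by the android namespace.
ANDROID_NAME = "{http://schemas.android.com/apk/res/android}name"
PERMISSION_TAGS = ("uses-permission", "uses-permission-sdk-23")

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    if root.tag != "manifest":
        raise ValueError("not an AndroidManifest.xml document")
    names = set()
    for tag in PERMISSION_TAGS:
        for node in root.findall(tag):
            name = (node.get(ANDROID_NAME) or "").strip()
            if name:
                names.add(name)
    return names

def compare_manifests(original_xml, candidate_xml):
    """Report permission drift between a known-good and a candidate build."""
    before = requested_permissions(original_xml)
    after = requested_permissions(candidate_xml)
    same = (ET.fromstring(original_xml).get("package")
            == ET.fromstring(candidate_xml).get("package"))
    return {"same_package": same,
            "added": sorted(after - before),
            "removed": sorted(before - after)}

# Constructed sample input: a known-good manifest and an altered copy.
ORIGINAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
    <uses-permission android:name="android.permission.INTERNET"/>
    <application android:label="Notes"/>
</manifest>"""

REPACKAGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <application android:label="Notes"/>
</manifest>"""

if __name__ == "__main__":
    report = compare_manifests(ORIGINAL, REPACKAGED)
    print("same package:", report["same_package"])
    print("added permissions:", report["added"])
```

Because the altered application is signed with a self-signed certificate, comparing the signer certificate against the original developer's is a complementary check.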