Static vs Dynamic Malware Analysis

Analyzing network traffic generated by the application

Reviewing the APK file without executing it

Examining user reviews on the App Store

Running the application to observe its behavior

To reduce the cost of analysis

To ensure compatibility with all mobile devices

To effectively analyze complex malware

To increase the speed of analysis

Operating system image distribution

App Store distribution

Compromised website distribution

Phishing-enabled distribution

By providing fake software updates

By sending links to APK files via SMS or email

By offering free in-app purchases

By exploiting device vulnerabilities

Slower device performance

Increased battery consumption

Incompatibility with certain devices

Inclusion of Trojan applications in standard distributions

By deleting the original source code

By selling the source code to third parties

By encrypting the source code

By modifying the source code and uploading the application

During a routine maintenance check

During a software update

While the device is in the user's possession

When the device is left unattended in a public place