Wednesday 3 October 14:00 - 14:30, Red room
Maddie Stone (Google)
Malware authors implement many different techniques to frustrate analysis and make reverse engineering the malware more difficult. Many of these anti-analysis and anti-reverse-engineering techniques attempt to send a reverse engineer down a different investigation path or require them to invest large amounts of time reversing simple code. This talk analyses one of the most robust anti-analysis native libraries we’ve seen in the Android ecosystem.
I will discuss each of the techniques the malware authors used in order to prevent reverse engineering of their Android native library, including manipulating the Java Native Interface, encryption, run-time environment checks, and more. This talk discusses the steps and the process required to proceed through the anti-analysis traps and expose what they’re trying to hide.