The Android module, codenamed Andrubis, provides its users with a simple way to execute Android apps in a fully functioning sandbox which does several tests and generates a detailed report for the uploaded APK file. Every report is divided into the following categories:
1. General information
2.Static Analysis Report
- Broadcast Receivers
- Required Permissions
- Used Permissions
The reports are provided in both HTML and XML formats. PCAP data captures are provided for download as well.
Part of an actual report on Android/DNightmare Trojan, click for large version:
The service generates a "maliciousness rating" for every application which ranges from 0 (likely benign) to 10 (likely malicious). Do take this with a grain of salt, as I have tested a couple of legit applications which were mistakenly labeled as malicious, with very high scores such as 9.66931 or 9.93733.
Anubis is a free service and it doesn't require registration. You can start the analysis by uploading the APK file here.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.