Android Malware Threats: A Strengthened Reverse Engineering Approach to Forensic Analysis

Abstract

The increasing prevalence of Android devices has made them prime targets for malware attacks. These malicious programs pose a significant threat, causing financial loss through unauthorized premium-rate SMS messages and jeopardizing user privacy by stealing sensitive data like login credentials and contact information. The potential for downloaded malware to further compromise the device by installing additional malicious applications is even more concerning. To combat this growing menace, researchers are actively exploring methods to identify and mitigate these threats. This study investigates the effectiveness of reverse engineering as a tool for analyzing suspicious Android applications. Reverse engineering involves meticulously disassembling the application's code, deconstructing its functionalities, and revealing its underlying mechanisms. We uncovered its malicious capabilities by applying this technique to a suspected malware-infected application. This analysis used six stages: Initialization, decompilation, static analysis, code reversing, behavioral analysis, and reporting. This research underscores the power of reverse engineering as a valuable tool for deconstructing the functionalities of Android malware. By understanding how these malicious programs operate, we can develop more robust detection and prevention methods to safeguard Android users from these evolving threats. This research successfully obtained data and information about the virus and the number of attackers. The result also involves the list of specific files that contain malware indicators, so it would be used in the future to enhance detection system.