La Calculadora Malvada
In the scope of our class project, we develop a repackaged malware based on the Simple Calculator app. The aim is to avoid detection through analysis tools and to perform the payload execution as stealthy as possible in an AsyncTask that does not block the main UI thread. Our repackaged app collects the contacts, i.e. name and telephone number, stored on the phone and sends them to a server.
CalculatorRepkg/contains the repackaged Simple Calculator app.
SimpleCalculator/contains the bytecode-level injection attempt.
Receptor/contains the mockup app that was used to develop the rider and hook code.
server/contains a simple server written in java that receives and prints messages to
build-and-sign-calculator.shis a script that optimizes and signs the
.apkfile built from the
SimpleCalculator-directory by apktool.