Part I: How to Unpack the Malware App
This past January I performed a deep analysis of an Android rootnik malware variant and posted them to this blog. Since then, I have continued to monitor this Android malware family. In early June, FortiGuard Labs found a new variant of the Android rootnik malware that disguises itself as a legal app. It then uses open-sourced Android root exploit tools to gain root access on an Android device.
To be clear, this malware was NOT found in Google Play. The developer of the malware app repackaged a legal app…
Article Link: https://blog.fortinet.com/2017/07/09/unmasking-android-malware-a-deep-dive-into-a-new-rootnik-variant-part-i