Recently, during our daily malware analysis routine, members of the FortiGuard Labs team encountered an Android sample that did not look familiar.
"At a first look, it seemed clear that the APK was heavily obfuscated, and was possibly packed using some technique we had not seen before. This is not to say that it uses an extremely complicated technique. It seems to mostly rely on generating a variety of random functions to hide the real functionalities of the sample.
During our initial examination, we also spotted some interesting code amongst the rubbish functions being generated, so we decided to run the sample through FortiGuard's in-house APK sandbox analysis system to gather more information from both its static and dynamic analysis..."