Analysis of Uapush Malware Infection using Static and Behavior Method on Android

Abstract

This research combines static and behavior analysis to detect malwares on Android system. The analysis process was completed by implementing analysis process on a malware-infected application running on an Android device. The analysis process was implemented based on specific stages, started from implementing behavior analysis on a malware-infected application running on Android device. Moreover, this behavior analysis ran the application on an Android emulator; afterwards, the file processing running on Android would be analyzed using the tool designed on this research to determine whether or not the executed application has been infected by malware. By utilizing behavior analysis, this research aimed to construct LiME kernel module being able to be executed on Android to collect data running on Android memory. This collected data would be analyzed further using volatility as data scanning. The second analysis utilized static analysis by checking the application on android system before running. During the static analysis, the application extraction was executed to generate some files to be analyzed to verify malware infection.