Android Spyware Further Analysis

Description

This is a continuation of the Android Spyware Maybank2u APK post, where I dig deeper specifically into the decompilation failure. Although several solutions were found previously, I did not fully understand the issue, and that's the reason I'm doing the research here.

The Issue

The APK could not be decompiled, as shown below.

    unzip Maybank2u.apk
    Archive: Maybank2u.apk
    [Maybank2u.apk] AndroidManifest.xml password:
    skipping: AndroidManifest.xml incorrect password
    inflating: classes.dex
    ...[snip]...

    jadx .\Maybank2u.apk
    INFO - loading ...
    ERROR - Failed to process zip file: .\Maybank2u.apk
    jadx.core.utils.exceptions.JadxRuntimeException: Failed to process zip file: .\Maybank2u.apk
    ...[snip]...
    Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry)
    ...[snip]...

    apktool d .\Maybank2u.apk
    I: Using Apktool 2.10.0 on Maybank2u.apk with 8 thread(s).
    Exception in thread "main" brut.androlib.exceptions.AndrolibException: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry)
    ...[snip]...
    Caused by: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry)
    ...[snip]...
    Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry)

Analysis

To fully understand what happened, I used the apkInspector tool to understand the information behind it. ...

June 29, 2025 · 4 min · 715 words

Android Spyware Maybank2u APK

Description

I asked Fareed for this APK after I saw his post on X and decided to have a look into it.

Analyzing APK

This is interesting because this is my first time playing around with a malicious APK and I have no idea if it would affect anything on either my devices or my machine. As usual, I started out with static analysis first.

Static Analysis

I started out with both jadx and apktool, but they hit some errors and failed to decompile the APK. ...

May 4, 2025 · 8 min · 1550 words

Android Spyware Development

Prerequisite

Android Studio
Kotlin
Android Emulator or physical devices
Discord as C2

I tested out this project on an API 33 rooted device. Anything above API 33 might need some modification to get everything working.

Creating the spyware

I created this project using Android Studio and Kotlin. This project took me around 16 hours to complete with massive help from GPT.

Part 0

I started off by creating a project in Android Studio by pressing New Project > Empty Activity and providing a name. It will have some generated code and functions. ...

April 21, 2025 · 9 min · 1885 words