Malicious APK

Description This is a continuation of the Android Spyware Maybank2u APK where I dig deeper specifically on the decompilation failure. Although several solution was found previously, I did not fully understand on the issue and thats the reason I’m having the research here The Issue The APK was not able to decompile as shown below. 1 2 3 4 5 6 unzip Maybank2u.apk Archive: Maybank2u.apk [Maybank2u.apk] AndroidManifest.xml password: skipping: AndroidManifest.xml incorrect password inflating: classes.dex ...[snip]... 1 2 3 4 5 6 7 jadx .\Maybank2u.apk INFO - loading ... ERROR - Failed to process zip file: .\Maybank2u.apk jadx.core.utils.exceptions.JadxRuntimeException: Failed to process zip file: .\Maybank2u.apk ...[snip]... Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... 1 2 3 4 5 6 7 apktool d .\Maybank2u.apk I: Using Apktool 2.10.0 on Maybank2u.apk with 8 thread(s). Exception in thread "main" brut.androlib.exceptions.AndrolibException: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... Caused by: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry) Analysis To fully understand that happened, I used apkInspector tool to understand the information behind it. ...

Description I asked this APK from Fareed after I saw his post in X and decided to have a look into it. Analyzing APK This is interesting because this is my first time playing around malicious APK and I have no idea if it would affect anything on both my devices and my machine. As usual, I started out with static analysis first. Static Analysis I started out with both jadx and apktool but it has some error which fail to decompile the APK. ...