Automated Android Malware Analysis with CuckooDroid

Mechanical Bird!


Cuckoo Sandbox is a well-known open-source tool for automating the analysis of suspicious files.

CuckooDroid is an extension that adds to Cuckoo the ability to execute and analyse Android applications.

Developed by Idan Revivo and Ofer Caspi, CuckooDroid provides both static and dynamic APK inspection, evasion of certain VM-detection techniques, encryption key extraction, SSL inspection, API call tracing, basic behavioural signatures and many other features.

Installation

git config --global user.email "you@example.com"
git config --global user.name "Your Name"
git clone --depth=1 https://github.com/cuckoobox/cuckoo.git cuckoo -b 1.2
cd cuckoo
git remote add droid https://github.com/idanr1986/cuckoo-droid
git pull --no-edit -s recursive -X theirs droid master
cat conf-extra/processing.conf >> conf/processing.conf
cat conf-extra/reporting.conf >> conf/reporting.conf
rm -r conf-extra
echo "protobuf" >> requirements.txt
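
The two `cat conf-extra/... >> conf/...` lines above are not idempotent: running them a second time appends the same INI sections again. The following guard is an added example, not part of the original post or the CuckooDroid project; the function names are hypothetical and the only assumption is that the files use `[section]` headers.

```shell
#!/bin/sh
# Added example (not CuckooDroid code): append an extra config file only
# when none of its [section] headers already exist in the destination.

# Print every [section] header of an INI-style file, one per line.
list_sections() {
    grep -o '^\[[^]]*\]' "$1" 2>/dev/null
}

# Print the section headers that occur more than once in a file.
dup_sections() {
    list_sections "$1" | sort | uniq -d
}

# append_conf_once SRC DST
# Returns 0 if SRC was appended, 1 if skipped because a section of SRC is
# already present in DST, 2 if SRC does not exist.
append_conf_once() {
    src=$1
    dst=$2
    [ -f "$src" ] || return 2
    # Collect the headers of SRC that already appear as whole lines in DST.
    overlap=$(list_sections "$src" | while IFS= read -r s; do
        if grep -qxF -- "$s" "$dst" 2>/dev/null; then
            printf '%s\n' "$s"
        fi
    done)
    if [ -n "$overlap" ]; then
        echo "skip $src: already merged into $dst: $overlap" >&2
        return 1
    fi
    cat "$src" >> "$dst"
}
```

To use it, call `append_conf_once conf-extra/processing.conf conf/processing.conf` (and the same for `reporting.conf`) in place of the two `cat` lines; `dup_sections conf/processing.conf` prints nothing when the file is clean.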

More info and downloads

https://github.com/idanr1986/cuckoo-droid
