Endoscope: Unpacking Android Apps with VM Based Obfuscation
Code virtualization has long been used for code protection by both benign and malicious programs. In recent years we have seen an increasing number of mobile apps adopting this technique. The difficulties to reverseengineer them lie in that one needs to figure out the virtual machine s mechanism of fetching and executing instructions, before one can understand higherlevel semantics of virtualized program. Due to the heterogeneity of custom instructions, Common Tools like jadx and IDA cannot recognize VM s instructions like they do with dex, x86, arm By: Fan Wu, Xuankai Zhang Full Abstract and Presentation Materials:
|
|