cancel
Showing results for 
Search instead for 
Did you mean: 

Android files user-interactive analysis

Hi!

I wonder if anyone is willing to share some experiences regarding how to analyse apk files with atd. I am new to the product, but have a system set up and is currently spending my time analysing random apk files that I download from the Internet.

Here are some reflections so far:

  • It seems that most files requires me to run in user-interactive mode to have a reliable result.
  • Running one file without interactive mode gives me a low threat level, while running the same file interactive and just seing the screen, not being able to do anything gives me a very high threat level
  • Some files that I upload are not analyzed by dynamic analysis (sandbox) even if they are not known. They seem to be analyzed when running interactive though.

Ideally I would like to be able to run tons of apk filen through this ATD, but if I will have to run all of them through user-interactiv analysis it will take to much time.

Any suggestions?

I am running on the following platform:

android-4.3_r0.9.1

Platform Version 3.4.8.142.52247

ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.