
Android files user-interactive analysis

Hi!

I wonder if anyone is willing to share some experiences regarding how to analyse apk files with ATD. I am new to the product, but have a system set up and am currently spending my time analysing random apk files that I download from the Internet.

Here are some reflections so far:

  • It seems that most files require me to run in user-interactive mode to have a reliable result.
  • Running one file without interactive mode gives me a low threat level, while running the same file interactive and just seeing the screen, not being able to do anything, gives me a very high threat level.
  • Some files that I upload are not analyzed by dynamic analysis (sandbox) even if they are not known. They seem to be analyzed when running interactive though.

Ideally I would like to be able to run tons of apk files through this ATD, but if I have to run all of them through user-interactive analysis it will take too much time.

Any suggestions?

I am running on the following platform:

android-4.3_r0.9.1

Platform Version 3.4.8.142.52247
