Android Ransomware Analysis

Client: AI | Published: 02.03.2026

Assignment: Analysis of Android ransomware
Deadline: 7/03/2026

Study guide

1. Open SDK Manager or directly AVD (Android Virtual Device) Manager to run the available configuration on the emulator.
2. Find the sample in the 'C:\STUDENT_LABS\Lab8 - Android Malware Analysis/' folder (you can also download it from here, password: infected123!).
3. Open CMD (command line) in the folder with the ransomware.
4. Copy several files (docs, pictures) to SDCard. At the very least just copy the pic.png file.
       adb push pic.png /sdcard/
5. Install the ransomware:
       adb install Android_ransom.apk
6. What can you see?
7. Try to close the application. Describe what happens.
8. Find the installed services and running services. Describe what you think is suspicious and why.
9. Go to the SDCard and check the previously copied files. Have they been changed? If yes, how?
       adb shell
       cd /sdcard/
       ls
10. Analyze the sample. Describe the methods/type of analysis you have performed.
11. Describe the malicious payload providing:
    a) Encryption details such as cipher, key length, and target files.
    b) Installation details and persistence mechanism.
12. Patch the application to recover (decrypt) your files on SDCard. Include the code for the patch in the report. Describe and highlight in the screenshot(s) the changes you have made, if any, to the ransomware code.
13. Write the report. Make sure all 12 items above are documented in the report with text and screenshots.
During the lab you can use the following tools located in the “c:/Android/” folder on your lab VM:

    7z - to unpack .apk file
    dex2jar - to convert .dex file to .jar
    JavaDec - to decompile .jar and see the pseudocode
    ‘apktool.bat d <APK file>’ - to disassemble and decompile .apk package
    ‘apktool.bat b’ - to build .apk package
    Sign+ app - to sign the built .apk with a debug signature

Useful commands:

    adb install file.apk - install Android app
    adb uninstall app_name - uninstall Android app
    adb push pic.png /sdcard/ - copy a file to the emulator
    adb pull /sdcard/pic.png - get a file from the emulator
    adb shell pm list packages - list installed packages
    adb shell dumpsys activity services - list all services
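For step 9, the question "Have they been changed? If yes, how?" can be answered with measurements rather than by eye. The following is an added example, not part of the original assignment: it compares the original pic.png with the copy retrieved via adb pull. The script name compare.py, the 16-byte block size and the built-in sample data are assumptions made for illustration.

```python
import hashlib
import math
import sys
from collections import Counter

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 = constant, 8.0 = uniformly random)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def compare(original: bytes, pulled: bytes, block: int = 16) -> dict:
    """Summarise how the copy pulled from the emulator differs from the original."""
    delta = len(pulled) - len(original)
    return {
        "identical": hashlib.sha256(original).digest() == hashlib.sha256(pulled).digest(),
        "size_delta": delta,
        "png_magic_intact": pulled.startswith(PNG_MAGIC),
        "entropy_original": round(entropy(original), 2),
        "entropy_pulled": round(entropy(pulled), 2),
        # Growth up to the next multiple of `block` is consistent with a padded
        # block cipher. It is a hint to confirm in the decompiled code, not proof.
        "block_aligned_growth": 0 < delta <= block and len(pulled) % block == 0,
    }

def constructed_sample() -> tuple:
    """Constructed stand-in data, NOT output of the lab sample."""
    original = PNG_MAGIC + bytes(997)  # 1005 bytes, low entropy
    stream = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))
    return original, stream[:1008]  # 1008 high-entropy bytes, multiple of 16

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: compare.py <original> <pulled>
        with open(sys.argv[1], "rb") as a, open(sys.argv[2], "rb") as b:
            pair = a.read(), b.read()
    else:
        pair = constructed_sample()
    for key, value in compare(*pair).items():
        print(f"{key}: {value}")
```

Run it with the two file paths as arguments; with no arguments it prints the result for the constructed data only.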